CVE-2019-25613 HIGH

CVE-2019-25613: Easy Chat Server 3.1 Denial of Service via message Parameter

Vendor Echatserver
Product Easy Chat
Weakness CWE-940
Published March 22, 2026
Last update March 23, 2026

CVSS base score

8.7/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Easy Chat Server 3.1 contains a denial of service vulnerability that allows remote attackers to crash the application by sending oversized data in the message parameter. Attackers can establish a session via the chat.ghp endpoint and then send a POST request to body2.ghp with an excessively large message parameter value to cause the service to crash.

Key dates

02Disclosure timeline

March 22, 2026 CVE published
March 23, 2026 Record updated