PT-2017-19005 · Efs · Efs Software Easy Chat Server

Published: 2017-06-12 · Updated: 2021-03-26 · CVE-2017-9543

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions

EFS Software Easy Chat Server versions 2.0 to 3.1

Description

The issue allows remote attackers to reset arbitrary passwords via a crafted POST request to "registresult.htm". This is a significant problem as it can lead to unauthorized access to accounts.

Recommendations

For EFS Software Easy Chat Server versions 2.0 to 3.1, consider disabling the register.ghp functionality until a patch is available to prevent remote attackers from resetting arbitrary passwords. Restrict access to the "registresult.htm" endpoint to minimize the risk of exploitation.


Related Identifiers

CVE-2017-9543

Affected Products

Efs Software Easy Chat Server