CNNVD-202601-3176 Information

CNNVD ID

CNNVD-202601-3176

Related CVE

CVE-2025-66902

• CNNVD Published: 2026-01-20

Description (Chinese)

Websocket Server是Manos个人开发者的一个websocket服务器。 Websocket Server 0.6.4版本存在安全漏洞，该漏洞源于输入验证问题，可能导致远程攻击者通过websocket_server/websocket_server.py和WebSocketServer._message_received组件获取敏感信息或导致意外服务器行为。

Description (English)

Websocket Server is a websocket server for Manos personal developers. Version 0.6.4 of Websocket Server has a security loophole, which stems from input validation problems and may lead to sensitive information or unexpected server behaviour by remote assailants via the websocket server/websocket server.py and WebSocketServer. message received components.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2026-01-20

Last Modified

2026-02-24

References

https://github.com/cyberinvest211/websocket-server-vuln-poc/tree/main https://access.redhat.com/security/cve/cve-2025-66902