CVE-2025-61582 (CNNVD-202510-004)
中文标题:
ts3-manager 输入验证错误漏洞
英文标题:
Ts3 Manager: Unauthenticated Denial of Service possible through specially crafted Unicode input
漏洞描述
中文描述:
ts3-manager是Jonathan个人开发者的一个用于维护Teamspeak3服务器的web界面。 ts3-manager 2.2.1及之前版本存在输入验证错误漏洞,该漏洞源于ASCII转换过程中未正确处理Unicode标签字符,可能导致拒绝服务攻击。
英文描述:
TS3 Manager is modern web interface for maintaining Teamspeak3 servers. A Denial of Dervice vulnerability has been identified in versions 2.2.1 and earlier. The vulnerability permits an unauthenticated actor to crash the application through the submission of specially crafted Unicode input, requiring no prior authentication or privileges. The flaw manifests when Unicode tag characters are submitted to the Server field on the login page. The application fails to properly handle these characters during the ASCII conversion process, resulting in an unhandled exception that terminates the application within four to five seconds of submission. This issue is fixed in version 2.2.2.
CWE类型:
标签:
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| joni1802 | ts3-manager | < 2.2.2 | - | - |
cpe:2.3:a:joni1802:ts3-manager:<_2.2.2:*:*:*:*:*:*:*
|
| joni1802 | ts3_manager | * | - | - |
cpe:2.3:a:joni1802:ts3_manager:*:*:*:*:*:*:*:*
|
解决方案
中文解决方案:
英文解决方案:
临时解决方案:
CVSS评分详情
3.1 (cna)
HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
时间信息
利用信息
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2025-61582 |
2025-11-11 15:23:33 | 2025-11-11 07:40:48 |
| NVD | nvd_CVE-2025-61582 |
2025-11-11 15:01:04 | 2025-11-11 07:48:35 |
| CNNVD | cnnvd_CNNVD-202510-004 |
2025-11-11 15:12:30 | 2025-11-11 08:00:15 |
版本与语言
安全公告
变更历史
查看详细变更
- vulnerability_type: 未提取 -> 输入验证错误
- cnnvd_id: 未提取 -> CNNVD-202510-004
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
查看详细变更
- affected_products_count: 1 -> 2
- data_sources: ['cve'] -> ['cve', 'nvd']