7.5
CVE-2025-61582
- EPSS 0.45%
- Veröffentlicht 01.10.2025 23:15:30
- Zuletzt bearbeitet 20.10.2025 18:07:23
- Quelle security-advisories@github.com
- CVE-Watchlists
- Unerledigt
LoginTs3 Manager: Unauthenticated Denial of Service possible through specially crafted Unicode input
TS3 Manager is modern web interface for maintaining Teamspeak3 servers. A Denial of Dervice vulnerability has been identified in versions 2.2.1 and earlier. The vulnerability permits an unauthenticated actor to crash the application through the submission of specially crafted Unicode input, requiring no prior authentication or privileges. The flaw manifests when Unicode tag characters are submitted to the Server field on the login page. The application fails to properly handle these characters during the ASCII conversion process, resulting in an unhandled exception that terminates the application within four to five seconds of submission. This issue is fixed in version 2.2.2.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Joni1802 ≫ Ts3 Manager Version < 2.2.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.45% | 0.359 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security-advisories@github.com | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
https://github.com/joni1802/ts3-manager/commit/3a069915f97a6f5dae1fe0b2e32aa11a69d83b5e
https://github.com/joni1802/ts3-manager/security/advisories/GHSA-4cq4-hp4f-8w7p