CVEs-PoC/2017/CVE-2017-1000209.md at e7be3f24665f27f4f8a571f070ce04dfd1f54dc4

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-12 13:31:34 +02:00

Files

T

0xMarcio 6100550298 Update CVE sources 2024-06-22 09:37

2024-06-22 09:37:59 +00:00

Description

The Java WebSocket client nv-websocket-client does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL/TLS servers via an arbitrary valid certificate.

POC

Reference

No PoCs from references.

Github

https://github.com/Anonymous-Phunter/PHunter
https://github.com/CGCL-codes/PHunter
https://github.com/LibHunter/LibHunter

836 B Raw Blame History

CVE-2017-1000209

Description

POC

Reference

Github

836 B

Raw Blame History