CVE-2026-4392

MEDIUM

TeamSpeak 3 Server clientek Handshake assertion

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-4392. PoCs published by born0monday.

AI-analyzed exploit summary This repository contains functional exploit code for CVE-2026-4392, targeting TeamSpeak 3.13.7 with a Denial-of-Service (DoS) attack. The PoC implements a crafted handshake and packet manipulation to trigger a crash in the TeamSpeak server.

Description

A vulnerability was detected in TeamSpeak 3 Server up to 3.13.7. This issue affects some unknown processing of the component clientek Handshake Handler. Performing a manipulation of the argument proof results in reachable assertion. Remote exploitation of the attack is possible. Upgrading to version 3.13.8 is capable of addressing this issue. Upgrading the affected component is recommended.

Exploits (1)

github WORKING POC

by born0monday · rustpoc

https://github.com/born0monday/teamspeak3-vulnerabilities

View Code ZIP pw:eip

This repository contains functional exploit code for CVE-2026-4392, targeting TeamSpeak 3.13.7 with a Denial-of-Service (DoS) attack. The PoC implements a crafted handshake and packet manipulation to trigger a crash in the TeamSpeak server.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: TeamSpeak 3.13.7

No auth needed

Prerequisites: network access to the TeamSpeak server

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Jun 03, 2026 Full analysis →

References (5)

Core 5

Core References

Vdb Entry, Technical Description vdb-entry technical-description

VDB-366316 | TeamSpeak 3 Server clientek Handshake assertion

https://vuldb.com/vuln/366316

Signature, Permissions Required signature permissions-required

VDB-366316 | CTI Indicators (IOB, IOC, IOA)

https://vuldb.com/vuln/366316/cti

Patch patch

https://www.teamspeak.com/en/downloads/#server

Scores

CVSS v3 5.3

EPSS 0.0006

EPSS Percentile 17.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-617

Status published

Products (9)

None/TeamSpeak 3 Server 3.13.0

None/TeamSpeak 3 Server 3.13.1

None/TeamSpeak 3 Server 3.13.2

None/TeamSpeak 3 Server 3.13.3

None/TeamSpeak 3 Server 3.13.4

None/TeamSpeak 3 Server 3.13.5

None/TeamSpeak 3 Server 3.13.6

None/TeamSpeak 3 Server 3.13.7

None/TeamSpeak 3 Server 3.13.8

Published May 27, 2026

Tracked Since May 27, 2026