EIP-2026-103720

PRE-CVE

Websockify (C Implementation) 0.8.0 - Buffer Overflow (PoC)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103720. PoCs published by RedTeam Pentesting GmbH.

AI-analyzed exploit summary The advisory describes a buffer overflow vulnerability in the C implementation of Websockify, which allows attackers to execute arbitrary code by sending a crafted WebSocket handshake. The vulnerability is due to improper bounds checking in the `do_handshake` function, leading to memory corruption.

Description

Websockify (C Implementation) 0.8.0 - Buffer Overflow (PoC)

Exploits (1)

exploitdb WRITEUP

by RedTeam Pentesting GmbH · textdosmultiple

https://www.exploit-db.com/exploits/39882

View Code ZIP pw:eip

The advisory describes a buffer overflow vulnerability in the C implementation of Websockify, which allows attackers to execute arbitrary code by sending a crafted WebSocket handshake. The vulnerability is due to improper bounds checking in the `do_handshake` function, leading to memory corruption.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: Websockify C implementation <= 0.8.0

No auth needed

Prerequisites: Network access to the Websockify service

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026