curl's websocket code did not update the 32 bit mask pattern for each new
outgoing frame as the specification says. Instead it used a fixed mask that
persisted and was used throughout the entire connection.
A predictable mask pattern allows for a malicious server to induce traffic
between the two communicating parties that could be interpreted by an involved
proxy (configured or transparent) as genuine, real, HTTP traffic with content
and thereby poison its cache. That cached poisoned content could then be
served to all users of that proxy.
Published: 2025-09-12
CVSS: 5.3
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Download Exploit for CVE-2025-10148 here:
Use Tor Browser to access .onion links.
Check our team here:
https://wednesfieldacademy.com/exploit-36-cve-2025-13601/
https://wednesfieldacademy.com/exploit-557-cve-2015-3035/
https://wednesfieldacademy.com/exploit-878-cve-2024-5535/
