CVE-2025-55300 HIGH

CVE-2025-55300: Komari Allows Cross-site WebSocket Hijacking

Vendor Komari-Monitor
Product komari
Weakness CWE-79 · XSS
Published August 18, 2025
Last update August 18, 2025

CVSS base score

8.6/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01 Description

Komari is a lightweight, self-hosted server monitoring tool designed to provide a simple and efficient solution for monitoring server performance. Prior to 1.0.4-fix1, the WebSocket upgrader had origin checking disabled, enabling Cross-Site WebSocket Hijacking (CSWSH) attacks against authenticated users. Any third-party website can open a connection to the terminal WebSocket endpoint with the browser's cookies attached, resulting in remote code execution. This vulnerability is fixed in 1.0.4-fix1.
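The missing control described above is an Origin allow-list on the WebSocket handshake. The following is an added illustration, not Komari's code: a stdlib-only check of the shape an upgrader hook such as gorilla/websocket's `Upgrader.CheckOrigin` expects (whether Komari uses that library, the allow-list value and the endpoint path are all assumptions here).

```go
package main

import (
	"fmt"
	"net/http"
	"net/url"
	"strings"
)

// originAllowed is the check a WebSocket upgrader should run before completing
// the handshake. It accepts the request when the Origin header names a
// scheme://host on the allow-list, or when Origin is absent (browsers always
// send it on WebSocket handshakes, so absence means a non-browser client that
// is not riding on ambient cookies). Everything else, including an unparsable
// or "null" Origin and a scheme mismatch, is refused.
func originAllowed(r *http.Request, allowed []string) bool {
	origin := r.Header.Get("Origin")
	if origin == "" {
		return true
	}
	u, err := url.Parse(origin)
	if err != nil || u.Scheme == "" || u.Host == "" {
		return false
	}
	got := strings.ToLower(u.Scheme + "://" + u.Host)
	for _, a := range allowed {
		if strings.ToLower(a) == got {
			return true
		}
	}
	return false
}

// newHandshake builds a constructed WebSocket upgrade request; the endpoint
// path is a placeholder, not Komari's real route.
func newHandshake(origin string) *http.Request {
	r, _ := http.NewRequest(http.MethodGet, "https://monitor.example.com/ws-terminal-placeholder", nil)
	r.Header.Set("Connection", "Upgrade")
	r.Header.Set("Upgrade", "websocket")
	if origin != "" {
		r.Header.Set("Origin", origin)
	}
	return r
}

func main() {
	allowed := []string{"https://monitor.example.com"} // constructed allow-list
	for _, o := range []string{"https://monitor.example.com", "https://third-party.example", "null", ""} {
		fmt.Printf("Origin %q -> allowed=%v\n", o, originAllowed(newHandshake(o), allowed))
	}
}
```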

Key dates

02 Disclosure timeline

August 18, 2025 CVE published
August 18, 2025 Record updated