· Jimmy Ly · Vulnerabilities
Unauthenticated Arbitrary File Read in Gazebo Sim WebsocketServer
We found an unauthenticated arbitrary file read in Gazebo Sim's WebsocketServer plugin where a single WebSocket frame reads any file on the server, including /etc/shadow and SSH keys.