9Convert
English
While this specific version combination itself is not a vulnerability, it often points to a target environment running , which is vulnerable to Remote Code Execution (RCE) Target Analysis: WSGIServer/0.2 CPython/3.10.4 WSGIServer/0.2
HTTP/1.0 200 OK Date: Tue, 19 May 2026 07:08:00 GMT Server: WSGIServer/0.2 CPython/3.10.4 Content-Type: text/html; charset=utf-8 Use code with caution. wsgiserver 0.2 cpython 3.10.4 exploit
This is one of the most common exploits associated with this server signature, particularly when used with MkDocs version 1.2.2 or earlier. An attacker can use a crafted URL (e.g., /%2e%2e/%2e%2e/etc/passwd ) to read arbitrary files outside the web root. While this specific version combination itself is not
documentation site, the built-in development server (version 0.2) is vulnerable to a directory traversal attack. Vulnerability : Improper sanitization of URL paths. : Attackers can read arbitrary files (e.g., /etc/passwd ) from the host. PoC Payload PoC Payload