OS Command Injection Vulnerability in OpenSSH Before 9.6
CVE-2023-51385
Key Information:
Badges
Summary
In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
Get notified when SecurityVulnerability.io launches alerting 🔔
Well keep you posted 📧
News Articles
Critical OpenSSH Flaw Could Allow Remote Code Execution - Cyber Kendra
Critical OpenSSH Flaw Could Allow Remote Code Execution
1 year ago
BNN BreakingOpenSSH Vulnerabilities - An Urgent Call for Continuous Security Updates
Several security vulnerabilities identified in OpenSSH could potentially allow attackers to escalate their privileges and execute command injection. The Terrapin attack further exploits the protocol's weaknesses, emphasizing the need for continuous security monitoring and updates.
1 year ago
Security BoulevardCVE-2023-51385OpenSSH Command Injection Vulnerability (CVE-2023-51385) Alert
Overview Recently, NSFOCUS CERT detected that OpenSSH released a security update and fixed a command injection vulnerability caused by malicious shell characters (CVE-2023-51385), with a CVSS score of 9.8; Since there is no security filtering of username and hostname input represented by %h,%u in Op...
1 year ago
References
CVSS V3.1
Timeline
- 🟡
Public PoC available
- 👾
Exploit known to exist
- 📰
First article discovered by Security Boulevard
Vulnerability published
Vulnerability Reserved