Fabian Bäumer - Security Researcher - Exploit Intelligence Platform

CVE-2018-7750 WRITEUP CRITICAL WRITEUP

Paramiko <2.4.1 - RCE

transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step.

CVSS 9.8

View Code

CVE-2023-46445 WRITEUP MEDIUM WRITEUP

asyncssh < 2.14.1 - Rogue Extension Negotiation via Man-in-the-Middle Attack

An issue in AsyncSSH before 2.14.1 allows attackers to control the extension info message (RFC 8308) via a man-in-the-middle attack, aka a "Rogue Extension Negotiation."

CVSS 5.9

View Code

CVE-2023-46446 WRITEUP MEDIUM WRITEUP

asyncssh < 2.14.1 - Rogue Session Attack via Packet Injection

An issue in AsyncSSH before 2.14.1 allows attackers to control the remote end of an SSH client session via packet injection/removal and shell emulation, aka a "Rogue Session Attack."

CVSS 6.8

View Code