Viktor Kertesz

2 exploits Active since Nov 2023

CVE-2023-46445 WRITEUP MEDIUM WRITEUP

asyncssh < 2.14.1 - Rogue Extension Negotiation via Man-in-the-Middle Attack

An issue in AsyncSSH before 2.14.1 allows attackers to control the extension info message (RFC 8308) via a man-in-the-middle attack, aka a "Rogue Extension Negotiation."

CVSS 5.9

View Code

CVE-2023-46446 WRITEUP MEDIUM WRITEUP

asyncssh < 2.14.1 - Rogue Session Attack via Packet Injection

An issue in AsyncSSH before 2.14.1 allows attackers to control the remote end of an SSH client session via packet injection/removal and shell emulation, aka a "Rogue Session Attack."

CVSS 6.8

View Code