CVE-2023-35887

MEDIUM

Apache Sshd < 2.9.3 - Path Traversal

Title source: rule

Description

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache MINA. In SFTP servers implemented using Apache MINA SSHD that use a RootedFileSystem, logged users may be able to discover "exists/does not exist" information about items outside the rooted tree via paths including parent navigation ("..") beyond the root, or involving symlinks. This issue affects Apache MINA: from 1.0 before 2.10. Users are recommended to upgrade to 2.10

Exploits (1)

nomisec WORKING POC

by shoucheng3 · poc

https://github.com/shoucheng3/apache__mina-sshd_CVE-2023-35887_2-9-2

View Code ZIP pw:eip

References (1)

[Mailing List, Vendor Advisory] https://lists.apache.org/thread/b9qgtqvhnvgfpn0w1gz918p21p53tqk2

Scores

CVSS v3 5.0

EPSS 0.0010

EPSS Percentile 28.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

Details

CWE

CWE-22

Status published

Products (4)

apache/sshd 1.0.0 - 2.9.3

org.apache.sshd/sshd-common 2.1.0 - 2.9.3Maven

org.apache.sshd/sshd-core 1.0.0 - 2.1.0Maven

org.apache.sshd/sshd-sftp 1.0.0 - 2.9.3Maven

Published Jul 10, 2023

Tracked Since Feb 18, 2026