CVE-2024-0725

MEDIUM

ProSSHD 1.2 - Denial of Service

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-0725. PoCs published by Fernando Mengali.

AI-analyzed exploit summary This exploit targets ProSSHD 1.2 20090726 by sending a malformed SCP payload to trigger a Denial of Service (DoS). It requires authentication and leverages a buffer overflow via a long string of 'A' characters.

Description

A vulnerability was found in ProSSHD 1.2 on Windows. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-251548.

Exploits (1)

exploitdb WORKING POC
by Fernando Mengali · remotewindows
https://www.exploit-db.com/exploits/52321

This exploit targets ProSSHD 1.2 20090726 by sending a malformed SCP payload to trigger a Denial of Service (DoS). It requires authentication and leverages a buffer overflow via a long string of 'A' characters.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: ProSSHD 1.2 20090726
Auth required
Prerequisites: valid credentials · network access to the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Permissions Required vdb-entry
https://vuldb.com/?id.251548
Permissions Required signature permissions-required
https://vuldb.com/?ctiid.251548

Scores

CVSS v3 5.3
EPSS 0.0365
EPSS Percentile 88.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE
CWE-404
Status published
Products (1)
prosshd/prosshd 1.2_20090726
Published Jan 19, 2024
Tracked Since Feb 18, 2026