OpenSSH Command Injection Vulnerability (CVE-2023-51385) Alert

OpenSSH Command Injection Vulnerability (CVE-2023-51385) Alert


Overview Recently, NSFOCUS CERT detected that OpenSSH released a security update and fixed a command injection vulnerability caused by malicious shell characters (CVE-2023-51385), with a CVSS score of 9.8; Since there is no security filtering of username and hostname input represented by %h,%u in OpenSSH’s ProxyCommand command, command injection may occur if the username or The post OpenSSH Command Injection Vulnerability (CVE-2023-51385) Alert appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

Source

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply

Your email address will not be published. Required fields are marked *