CVE-2018-10933

CVE-2018-10933

CVSS 9.1 CRITICALEPSS 91.8%CWE-592

A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected products

[UNKNOWN] · libssh

public PoCs found — 41

githubgithub.com/blacknbunny/CVE-2018-10933★ 498 githubgithub.com/jobroche/libssh-scanner★ 235 githubgithub.com/SoledaD208/CVE-2018-10933★ 126 githubgithub.com/hackerhouse-opensource/cve-2018-10933★ 110 githubgithub.com/jas502n/CVE-2018-10933★ 22 githubgithub.com/kn6869610/CVE-2018-10933★ 14 githubgithub.com/Virgula0/POC-CVE-2018-10933★ 11 githubgithub.com/marco-lancini/hunt-for-cve-2018-10933★ 10 githubgithub.com/nikhil1232/LibSSH-Authentication-Bypass★ 6 githubgithub.com/HSw109/CVE-2018-10933★ 4 githubgithub.com/xFreed0m/CVE-2018-10933★ 3 githubgithub.com/shifa123/pythonprojects-CVE-2018-10933★ 2 githubgithub.com/Rubikcuv5/CVE-2018-10933★ 1 githubgithub.com/r3dxpl0it/CVE-2018-10933★ 1 githubgithub.com/ivanacostarubio/libssh-scanner★ 1 githubgithub.com/likekabin/CVE-2018-10933-libSSH-Authentication-Bypass★ 1 githubgithub.com/lalishasanduwara/CVE-2018-10933★ 0 githubgithub.com/SilasSpringer/CVE-2018-10933★ 0 githubgithub.com/bidaoui4905/CVE-2018-10933★ 0 githubgithub.com/opsifiz/CVE-2018-10933★ 0 githubgithub.com/Remnant-DB/CVE-2018-10933★ 0 githubgithub.com/cyberharsh/Libssh-server-CVE-2018-10933★ 0 githubgithub.com/hook-s3c/CVE-2018-10933★ 0 githubgithub.com/likekabin/CVE-2018-10933_ssh★ 0 githubgithub.com/cve-2018/cve-2018-10933★ 0 githubgithub.com/ninp0/cve-2018-10933_poc★ 0 githubgithub.com/pghook/CVE-2018-10933_Scanner★ 0 githubgithub.com/Bifrozt/CVE-2018-10933★ 0 githubgithub.com/throwawayaccount12312312/precompiled-CVE-2018-10933★ 0 githubgithub.com/reanimat0r/bpnd-libssh★ 0 githubgithub.com/ensimag-security/CVE-2018-10933★ 0 githubgithub.com/0xadaw/libSSH-bypass★ 0 githubgithub.com/sambiyal/CVE-2018-10933-POC★ 0 githubgithub.com/Kurlee/LibSSH-exploit★ 0 githubgithub.com/crispy-peppers/Libssh-server-CVE-2018-10933★ 0 githubgithub.com/youkergav/CVE-2018-10933★ 0 githubgithub.com/kristyna-mlcakova/CVE-2018-10933★ 0 githubgithub.com/JoSecMx/CVE-2018-10933_Scanner★ 0 exploitdbwww.exploit-db.com/exploits/46307unverified cve_referencewww.exploit-db.com/exploits/45638/unverified exploitdbwww.exploit-db.com/exploits/45638unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10933 https://lists.debian.org/debian-lts-announce/2018/10/msg00010.html https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0016 https://security.netapp.com/advisory/ntap-20190118-0002/https://usn.ubuntu.com/3795-1/https://usn.ubuntu.com/3795-2/https://www.debian.org/security/2018/dsa-4322 https://www.exploit-db.com/exploits/45638/https://www.libssh.org/security/advisories/CVE-2018-10933.txt https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html http://www.securityfocus.com/bid/105677