all InfoSec news
OpenSSH Command Injection Vulnerability (CVE-2023-51385) Alert
Security Boulevard securityboulevard.com
Overview Recently, NSFOCUS CERT detected that OpenSSH released a security update and fixed a command injection vulnerability caused by malicious shell characters (CVE-2023-51385), with a CVSS score of 9.8; Since there is no security filtering of username and hostname input represented by %h,%u in OpenSSH’s ProxyCommand command, command injection may occur if the username or […]
The post OpenSSH Command Injection Vulnerability (CVE-2023-51385) Alert appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers …
alert blog cert characters command command injection cve cvss cvss score emergency-response injection input malicious may nsfocus openssh proxycommand score security security update shell update username vulnerability