golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh

A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange...

CVE-2025-28202

Incorrect access control in Victure RX1800 ENV1.0.0r12110933 allows attackers to enable SSH and Telnet services without authentication...

Victure RX1800 安全漏洞

The Victure RX1800 is a wireless router from Victure. A security vulnerability exists in the Victure RX1800 ENV1.0.0r12110933 version, which stems from improper access control and could result in SSH and Telnet services being enabled without authentication...

UBUNTU-CVE-2025-46712

Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 for OTP-27, OTP-26.2.5.12 for OTP-26, and OTP-25.3.2.21 for OTP-25, Erlang/OTP SSH fails to enforce strict KEX handshake hardening measures by allowing optional messages to be exchanged. This...

CVE-2025-36546

On an F5OS system, if the root user had previously configured the system to allow login via SSH key-based authentication, and then enabled Appliance Mode; access via SSH key-based authentication is still allowed. For an attacker to exploit this vulnerability they must obtain the root user's SSH...

ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

F5 F5OS 安全漏洞

F5 F5OS is a proprietary operating system that runs on F5 Corporation's F5 appliances to support its application delivery control and security features. A security vulnerability exists in F5 F5OS that stems from SSH key authentication bypass...

Configuring the SSH Service Port Properly

A server typically has multiple NICs and IP addresses. You need to plan IP addresses to determine which ones are used for services or management. Not all IP addresses need to listen on SSH connections. You can specify only some IP addresses to perform SSH connections to reduce the attack surface...

Configure the SSH Service Log Level Properly

SSH provides multiple log output levels, such as QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. A higher log level such as QUIET or FATAL prints less log information. This saves drive space but hinders administrators from auditing and tracing SSH events. Conversely, a lowe...

Disable the Root User from Logging in to the System Using SSH

The PermitRootLogin parameter in the SSH configuration file /etc/ssh/sshdconfig specifies whether the root user can log in to the system using SSH. The root user is not allowed to log in to the system using SSH. System administrators must use their own user to log in to the system using SSH and r...

Configure a Correct SSH Service Version

SSH1 contains known issues and is no longer maintained in a routine manner, which poses risks such as information leakage and command data tampering on the system. The OpenSSH component inherited by openEuler uses the SSH protocol for remote control or file transfer between servers. The SSH1.3,...

Configure a Proper Number of Concurrent Unauthenticated SSH Connections

Without knowing the password, an attacker can set up a large number of concurrent connections that have not been authenticated to consume system resources. The number of concurrent unauthenticated SSH connections is not configured in openEuler by default. You are advised to configure the upper...

Optigo Networks ONS NC600 信任管理问题漏洞

The Optigo Networks ONS NC600 is a professional building automation network controller from Optigo Networks designed as a security gateway for BACnet/IP and MS/TP networks. A trust management issue vulnerability exists in the Optigo Networks ONS NC600 versions 4.2.1-084 through 4.7.2-330, which...

Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp

CVE-2025-32433: Erlang/OTP's SSH Server Exploit...

The vulnerability of Microprogramming Software in Cisco SIP IP Phones like Cisco Video Phone 8875 and Cisco Desk Phone 9800 Series arises from insufficient protection for operational data, allowing unauthorized access to protected information by attackers.

The vulnerability of the microprogramming software used in Cisco SIP IP phones and Cisco Video Phone 8875 and Cisco Desk Phone 9800 Series lies in the insufficient protection of operational data. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected informatio...

Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp

Erlang-OTP-SSH-CVE-2025-32433 Exploit Erlang/OTP SSH CVE-202...

Security update for elemental-toolkit

This update for elemental-toolkit fixes the following issues: Updated to version 2.1.3: Simplify podman calls in CI steup Switched GHA runners to Ubuntu 24.04 Updated year in headers Updated to go1.23, required by the new x/crypto module CVE-2025-22870: Fixed proxy bypass using IPv6 zone IDs...

The vulnerability of the SSH protocol implementation on Windows operating systems allows attackers to escalate their privileges.

The vulnerability of the SSH protocol implementation in OpenSSH servers for Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to increase their privileges...

The vulnerability of the SSH plugin of the JetBrains Toolbox, a set of development tools, allows a hacker to execute arbitrary commands.

The vulnerability of the SSH plugin of the JetBrains Toolbox developer’s tools is related to the lack of measures taken at the control level for data cleaning. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

The vulnerability of the SSH plugin of the JetBrains Toolbox, a set of development tools, allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the SSH plugin in the JetBrains Toolbox suite is related to incorrect verification of the certificate’s authenticity. Exploiting this vulnerability allows an attacker to compromise the confidentiality and integrity of the protected information...