Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/04/02 1:34 a.m.26 views

CVE-2025-30095

VyOS 1.3 through 1.5 fixed in 1.4.2 or any Debian-based system using dropbear in combination with live-build has the same Dropbear private host keys across different installations. Thus, an attacker can conduct active man-in-the-middle attacks against SSH connections if Dropbear is enabled as the...

9CVSS7.1AI score0.00483EPSS
Exploits0References1
Circl
Circl
added 2025/03/31 7:12 p.m.23 views

CVE-2025-30095

creationtimestamp| type| source ---|---|--- 2025-03-31 19:12:39+00:00| seen| https://t.me/cvedetector/21628 2025-03-31 21:31:33+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9769 2025-04-02 05:51:39+00:00| seen|...

9CVSS4.8AI score0.00483EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/03/31 12:0 a.m.7 views

CVE-2025-30095

VyOS 1.3 through 1.5 fixed in 1.4.2 or any Debian-based system using dropbear in combination with live-build has the same Dropbear private host keys across different installations. Thus, an attacker can conduct active man-in-the-middle attacks against SSH connections if Dropbear is enabled as the...

9CVSS9AI score0.00483EPSS
Exploits0References5
CVE
CVE
added 2025/03/31 12:0 a.m.122 views

CVE-2025-30095

CVE-2025-30095 affects VyOS 1.3–1.5 (fixed in 1.4.2) and can also impact any Debian-based system using Dropbear with live-build due to identical Dropbear private host keys across installations. This enables active man-in-the-middle attacks on SSH if Dropbear is used as the SSH daemon; VyOS’s cons...

9CVSS6.4AI score0.00483EPSS
Exploits0References5
Rows per page
Query Builder