4 matches found
CVE-2026-54591 AsyncSSH: SCP Path Traversal to Arbitrary File Write
AsyncSSH is a Python package which provides an asynchronous client and server implementation of the SSHv2 protocol on top of the Python asyncio framework. Prior to 2.23.1, a malicious SSH server can write arbitrary files on the asyncssh SCP client's filesystem by sending filenames containing ../...
CVE-2025-15382
A heap buffer over-read vulnerability exists in the wolfSSHCleanPath function in wolfSSH. An authenticated remote attacker can trigger the issue via crafted SCP path input containing '/./' sequences, resulting in a heap over read by 1 byte...
PT-2026-1498
Name of the Vulnerable Software and Affected Versions wolfSSH affected versions not specified Description A heap buffer over-read issue exists in the wolfSSH CleanPath function within wolfSSH. A remote attacker with authentication can trigger this by providing specially crafted SCP path input tha...
libssh: unsanitized location in scp could lead to unwanted command execution
A flaw was found with the libssh API function sshscpnew. A user able to connect to a server using SCP could execute arbitrary command using a user-provided path, leading to a compromise of the remote target...