14823 matches found
CVE-2013-4652
Unspecified vulnerability in the command-line management interface on Siemens Scalance W7xx devices with firmware before 4.5.4 allows remote attackers to bypass authentication and execute arbitrary code via a (1) SSH or (2) TELNET connection...
CVE-2013-0712
IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users to cause a denial of service (daemon outage) via a crafted packet...
CVE-2019-19754
HiveOS through 0.6-102@191212 ships with SSH host keys baked into the installation image, which allows man-in-the-middle attacks and makes identification of all public IPv4 nodes trivial with Shodan.io. NOTE: as of 2019-09-26, the vendor indicated that they would consider fixing this...
CVE-2019-19751
easyMINE before 2019-12-05 ships with SSH host keys baked into the installation image, which allows man-in-the-middle attacks and makes identification of all public IPv4 nodes trivial with Shodan.io...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : openssh (SUSE-SU-2025:01638-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:01638-1 advisory. This update for openssh fixes the following issue: Security fixes: - CVE-2025-32728: Fixed logic error i...
CVE-2002-2379
Cisco AS5350 IOS 12.2(11)T with access control lists (ACLs) applied and possibly with ssh running allows remote attackers to cause a denial of service (crash) via a port scan, possibly due to an ssh bug. NOTE: this issue could not be reproduced by the vendor...
CVE-2003-0724
ssh on HP Tru64 UNIX 5.1B and 5.1A does not properly handle RSA signatures when digital certificates and RSA keys are used, which could allow local and remote attackers to gain privileges...
CVE-2009-3710
RioRey RIOS 4.6.6 and 4.7.0 uses an undocumented, hard-coded username (dbadmin) and password (sq!us3r) for an SSH tunnel, which allows remote attackers to gain privileges via port 8022...
CVE-2009-0623
Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of service (device reload) via a crafted SSH packet...
CVE-1999-0013
Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user...
CVE-1999-0398
In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will allow users with expired accounts to login...
CVE-1999-0310
SSH 1.2.25 on HP-UX allows access to new user accounts...
CVE-2025-48415
A USB backdoor feature can be triggered by attaching a USB drive that contains specially crafted "salia.ini" files. The .ini file can contain several "commands" that could be exploited by an attacker to export or modify the device configuration, enable an SSH backdoor or perform other...
CVE-2025-48416
An OpenSSH daemon listens on TCP port 22. There is a hard-coded entry in the "/etc/shadow" file in the firmware image for the "root" user. However, in the default SSH configuration the "PermitRootLogin" is disabled, preventing the root user from logging in via SSH. This configuration can be...
CVE-2025-48413
The /etc/passwd and /etc/shadow files reveal hard-coded password hashes for the operating system "root" user. The credentials are shipped with the update files. There is no option for deleting or changing their passwords for an enduser. An attacker can use the credentials to log into the device...
CVE-2025-48416 Backdoor Functionality via SSH in eCharge Hardy Barth cPH2 / cPP2 charging stations
An OpenSSH daemon listens on TCP port 22. There is a hard-coded entry in the "/etc/shadow" file in the firmware image for the "root" user. However, in the default SSH configuration the "PermitRootLogin" is disabled, preventing the root user from logging in via SSH. This configuration can be...
CVE-2025-48416
CVE-2025-48416 describes a vulnerability in an OpenSSH daemon where a hard-coded entry for root exists in the firmware image’s /etc/shadow. Despite PermitRootLogin being disabled by default, the credential can be bypassed or altered through multiple paths, enabling potential unauthorized root acc...
CVE-2025-48415
CVE-2025-48415 affects the eCharge Hardy Barth cPH2 and cPP2 charging stations. A USB backdoor feature can be triggered by attaching a USB drive containing specially crafted salia.ini files. The INI can specify multiple commands that attackers could use to export or modify device configuration, e...
CVE-2025-48413
CVE-2025-48413 affects the eCharge Hardy Barth cPH2 and cPP2 charging stations. The root cause is hard-coded password hashes stored in the system files /etc/passwd and /etc/shadow that are shipped with update files. This allows an attacker to log into the device, potentially via an SSH backdoor o...