14823 matches found

Vulnrichment
added 2025/05/07 10:4 p.m. · 7 views

CVE-2025-36546 F5OS Appliance Mode vulnerability

On an F5OS system, if the root user had previously configured the system to allow login via SSH key-based authentication, and then enabled Appliance Mode; access via SSH key-based authentication is still allowed. For an attacker to exploit this vulnerability they must obtain the root user's SSH...

CVSS 9.2 · AI score 8.2 · EPSS 0.00359
Exploits: 0 · References: 1
Cvelist
added 2025/05/07 10:4 p.m. · 15 views

CVE-2025-36546 F5OS Appliance Mode vulnerability

On an F5OS system, if the root user had previously configured the system to allow login via SSH key-based authentication, and then enabled Appliance Mode; access via SSH key-based authentication is still allowed. For an attacker to exploit this vulnerability they must obtain the root user's SSH...

CVSS 9.2 · EPSS 0.00359
Exploits: 0 · References: 1
CVE
added 2025/05/07 10:4 p.m. · 80 views

CVE-2025-36546

CVE-2025-36546 affects F5OS (Appliance Mode) where SSH key-based login remains allowed for the root user even after Appliance Mode is enabled, enabling potential unauthorized access if an attacker possesses the root SSH private key. The F5 advisories/Red Hat/NCSC entries describe the issue as a ...

CVSS 9.2 · AI score 8.2 · EPSS 0.00359
Exploits: 0 · References: 1 · Affected Software: 2
Rockylinux
added 2025/05/07 7:11 p.m. · 4 views

openssh bug fix update

An update is available for openssh. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. OpenSSH is an SSH protocol implementation supported by a number of Linux, UNI...

AI score 7.4
Exploits: 0
NVD
added 2025/05/07 6:15 p.m. · 13 views

CVE-2025-47203

dbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname argument, because a shell is used...

CVSS 4.5 · EPSS 0.00577
Exploits: 0 · References: 8
OSV
added 2025/05/07 6:15 p.m. · 13 views

CVE-2025-47203

dbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname argument, because a shell is used...

CVSS 4.5 · AI score 7.3
Exploits: 0 · References: 8
F5 Networks
added 2025/05/07 1:12 p.m. · 9 views

K000140574: F5OS Appliance Mode vulnerability CVE-2025-36546

Security Advisory Description: On an F5OS system, if the root user configures the system to allow login using SSH key-based authentication and later enables appliance mode, the system still allows access using SSH key-based authentication. For an attacker to exploit this vulnerability they must...

CVSS 9.2 · AI score 7.1 · EPSS 0.00359
Exploits: 0 · Affected Software: 2
RedHat Linux
added 2025/05/07 12:48 p.m. · 3 views

python-asyncssh: Rogue Session Attack

A flaw was found in python-asyncssh before the 2.14.1 versions, where the client can log in to the attacker's account without the client being able to detect this. This flaw allows an attacker to control the remote end of the SSH session completely, resulting in a complete break of the confidentiali...

CVSS 6.8 · AI score 5.8 · EPSS 0.00867
Exploits: 0 · References: 5
Vulnrichment
added 2025/05/07 12:0 a.m. · 6 views

CVE-2025-47203

dbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname argument, because a shell is used...

CVSS 4.5 · AI score 5.2 · EPSS 0.00577
Exploits: 0 · References: 2
CVE
added 2025/05/07 12:0 a.m. · 122 views

CVE-2025-47203

CVE-2025-47203 affects the Dropbear SSH package’s dbclient before version 2025.88. The vulnerability arises because a shell is used when processing the hostname argument, allowing an attacker to craft an untrusted hostname that can trigger command execution. Impact is described as arbitrary comma...

CVSS 4.5 · AI score 5.1 · EPSS 0.00577
Exploits: 0 · References: 8
Positive Technologies
added 2025/05/07 12:0 a.m. · 1 views

PT-2025-20286

Name of the Vulnerable Software and Affected Versions: Dropbear SSH versions prior to 2025.88 Description: The issue allows command injection via an untrusted hostname argument, because a shell is used. This occurs when the dbclient in Dropbear SSH is used with an untrusted hostname...

CVSS 4.5 · AI score 5.5 · EPSS 0.00577
Exploits: 0 · References: 30
Positive Technologies
added 2025/05/07 12:0 a.m. · 2 views

PT-2025-20304 · F5 · F5Os

Name of the Vulnerable Software and Affected Versions: F5OS affected versions not specified Description: The issue allows access via SSH key-based authentication even after Appliance Mode is enabled, if the root user had previously configured the system to allow such login. An attacker would need...

CVSS 9.2 · AI score 8 · EPSS 0.00359
Exploits: 0 · References: 5
OpenVAS
added 2025/05/07 12:0 a.m. · 3 views

Do Not Preset authorized_keys for the SSH Service

authorized_keys specifies the public key of the remote host. You can store the public key in the $HOME/.ssh/authorized_keys file in the home directory for public key authentication. Then you can directly log in to the system. If authorized_keys is preset in the system and public and private key...

AI score 7.2
Exploits: 0 · References: 3
OpenVAS
added 2025/05/07 12:0 a.m. · 2 views

Configure a Proper SSH Service Authentication Mode

A proper authentication mode helps ensure user and system data security. Typically, the user/password authentication mode is suitable for human-machine users. In non-interactive login scenarios, the public and private keys are suitable for authentication. In high-risk scenarios, only the public a...

AI score 7.3
Exploits: 0 · References: 3
OpenVAS
added 2025/05/07 12:0 a.m. · 4 views

Configure a Proper Number of Concurrent Sessions Allowed for a Single SSH Connection

SSH allows a client that supports multiplexing to establish multiple sessions based on a network connection. MaxSessions limits the number of concurrent SSH sessions that can be established for each network connection. This prevents system resources from being occupied by a single connection or a...

AI score 6.9
Exploits: 0 · References: 3
OpenVAS
added 2025/05/07 12:0 a.m. · 2 views

Do Not Use X11 Forwarding

The X11 forwarding function of SSH allows the GUI program of the remote host to be executed on the local host. If the X11 forwarding function is enabled, the attack surface is expanded and other users on the X11 server may attack the local host. If the function is not required in the service...

AI score 6.7
Exploits: 0 · References: 3
OpenVAS
added 2025/05/07 12:0 a.m. · 2 views

Enable PAM Authentication

Pluggable Authentication Modules (PAM) on the Linux platform provides a series of open source shared library files (.so files). You can flexibly control the authentication process by configuring parameters. After PAM authentication is configured for SSH, the user authentication management module of t...

AI score 7
Exploits: 0 · References: 4
OpenVAS
added 2025/05/07 12:0 a.m. · 3 views

Bind Network Interfaces to the Correct Zones

Different filtering policies can be configured for different firewall zones. If the server network is complex and has multiple interfaces that provide different service functions, it is recommended that interfaces be configured in different zones and different firewall policies be configured. For...

AI score 6.8
Exploits: 0 · References: 2
Cvelist
added 2025/05/07 12:0 a.m. · 25 views

CVE-2025-47203

dbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname argument, because a shell is used...

CVSS 4.5 · EPSS 0.00577
Exploits: 0 · References: 2
OpenVAS
added 2025/05/07 12:0 a.m. · 4 views

Configure Proper MACs Algorithms for the SSH Service

In cryptography, a message authentication code (MAC) is an authentication mechanism used by communication entities to check message integrity. If the configured algorithms are insecure, security risks increase because weak algorithms have been or are about to be cracked in the industry. The...

AI score 7.4
Exploits: 0 · References: 4