CVE-2018-7750

CVE Database · CVE-2018-7750

CVE-2018-7750

· CRITICALModified

CVSS v3.1

9.8

EPSS

27.07%

Published

Mar 13, 2018

Modified

Nov 21, 2024

Public PoC / Exploit (2)

All weaponized →

Exploit-DBParamiko 2.4.1 - Authentication Bypass TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-287

Affected Products (23)

paramiko · paramiko (up to 1.17.6)vulnerable

paramiko · paramiko (up to 1.18.5)vulnerable

paramiko · paramiko (up to 2.0.8)vulnerable

paramiko · paramiko (up to 2.1.5)vulnerable

paramiko · paramiko (up to 2.2.3)vulnerable

paramiko · paramiko (up to 2.3.2)vulnerable

paramiko · paramikovulnerable