#VU23508 OS Command Injection


Published: 2019-12-11

Vulnerability identifier: #VU23508

Vulnerability risk: Medium

CVSSv3.1:

CVE-ID: CVE-2019-14889

CWE-ID: CWE-78

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
libssh
Universal components / Libraries / Libraries used by multiple products

Vendor: libssh

Description

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to incorrect handling of the SCP command parameters when initiating the connection within the ssh_scp_new() function. A remote attacker can trick victim into using a specially crafted SCP command to connect to a remote SCP server and execute arbitrary commands on the target server with privileges of the current user.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

libssh: 0.4.0 - 0.9.2


CPE

External links
http://www.libssh.org/security/advisories/CVE-2019-14889.txt


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?


Latest bulletins with this vulnerability