Project Information

Name Project :POC - CVE-2024-6387 - Scanner

Last version :1.0.0

Last updated : 09/07/2024

Programming language : Python

Company name : acyber (IT Security Lab Iran)

CVE-2024-6387

regreSSHion, CVE-2024-6387, is an unauthenticated remote code execution in OpenSSH’s server (sshd) that grants full root access. It affects the default configuration and does not require user interaction. It poses a significant exploit risk.

About OpenSSH?

OpenSSH is a suite of secure networking utilities based on the SSH protocol that are essential for secure communication over unsecured networks. It provides robust encryption, secure file transfers, and remote server management. OpenSSH is widely used on Unix-like systems, including macOS and Linux, and it supports various encryption technologies and enforces robust access controls. Despite a recent vulnerability, OpenSSH maintains a strong security record, exemplifying a defense-in-depth approach and a critical tool for maintaining network communication confidentiality and integrity worldwide.

Contacts

• Author : Mohamamd javad Joshani Disfani (mr.mtwoj)
• Linkedin : https://ir.linkedin.com/in/joshani
• E-Mail : mr.mtwoj@gmail.com
• Website : www.acyber.ir
• Twitter : @mrmtwoj
• Github : https://github.com/mrmtwoj/CVE-2024-6387