- Last edited by a moderator:
- Replies: 1
Last edited by a moderator:
New OpenSSH Vulnerability Could Impact NAS Users: What You Need to Know
A critical vulnerability in OpenSSH, dubbed “regreSSHion” and assigned CVE-2024-6387, has been discovered by researchers at Qualys. This flaw, which allows for unauthenticated remote code execution (RCE) with root privileges on glibc-based Linux systems, poses a significant threat to various network-attached storage (NAS) systems widely used for secure remote login and file management. The vulnerability stems from a signal handler race condition in the OpenSSH server (sshd) and has been found to impact versions from 8.5p1 up to, but not including, 9.8p1. This discovery has significant implications, especially for environments where secure remote management and access are paramount.
Below is the link to the original Qualys Blog Post that covered this CVE
Continue reading...
- - -