CVE-2025-47203 log
| Source |
|
| Severity | Medium |
| Remote | Yes |
| Type | Arbitrary command execution |
| Description | dbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname argument, because a shell is used. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-2874 | dropbear | 2025.87-1 | 2025.88-1 | Medium | Fixed |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 19 May 2025 | ASA-202505-9 | AVG-2874 | dropbear | Medium | arbitrary command execution |
| References |
|---|
https://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2025q2/002385.html |