dropbear

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Lightweight SSH server
Version 2025.88-1 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2874 2025.87-1 2025.88-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2025-47203 AVG-2874 Medium Yes Arbitrary command execution
dbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname argument, because a shell is used.

Advisories

Date Advisory Group Severity Type
19 May 2025 ASA-202505-9 AVG-2874 Medium arbitrary command execution