CNNVD-202510-2758 Information

CNNVD ID

CNNVD-202510-2758

Related CVE

CVE-2025-11625

• CNNVD Published: 2025-10-21

Description (Chinese)

wolfSSH是wolfSSL开源的一个小型、快速、可移植的 SSH 实现，包括对 SCP 和 SFTP 的支持。 wolfSSH 1.4.20及之前版本存在安全漏洞，该漏洞源于主机身份验证不当，可能导致身份验证绕过和客户端凭据泄露。

Description (English)

WolfSSH is a small, fast, portable SSH from the WolfSSL open source, including support for SCP and SFTP. There is a security loophole in the wolfSSH 1.4.20 and earlier versions, which stems from inadequate host identification, which may lead to the circumvention of the authentication and the disclosure of the client’s documents.

Hazard Level

High

Vulnerability Type

其他

Published

2025-10-21

Last Modified

2026-02-24

References

https://github.com/wolfSSL/wolfssh/pull/840