Vulnerabilities > CVE-2020-26301 - Unspecified vulnerability in Ssh2 Project Ssh2

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

ssh2-project

critical

NVD

Published: 2021-09-20

Updated: 2024-11-21

Summary

ssh2 is client and server modules written in pure JavaScript for node.js. In ssh2 before version 1.4.0 there is a command injection vulnerability. The issue only exists on Windows. This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. This is fixed in version 1.4.0.

Vulnerable Configurations

Part	Description	Count
Application	Ssh2_Project Ssh2 Project Ssh2 - Ssh2 Project Ssh2 0.0.1 Ssh2 Project Ssh2 0.0.2 Ssh2 Project Ssh2 0.1.0 Ssh2 Project Ssh2 0.1.1 Ssh2 Project Ssh2 0.1.2 Ssh2 Project Ssh2 0.1.3 Ssh2 Project Ssh2 0.1.4 Ssh2 Project Ssh2 0.1.5 Ssh2 Project Ssh2 0.1.6 Ssh2 Project Ssh2 0.1.7 Ssh2 Project Ssh2 0.1.8 Ssh2 Project Ssh2 0.1.9 Ssh2 Project Ssh2 0.1.10 Ssh2 Project Ssh2 0.1.11 Ssh2 Project Ssh2 0.1.12 Ssh2 Project Ssh2 0.1.13 Ssh2 Project Ssh2 0.2.0 Ssh2 Project Ssh2 0.2.1 Ssh2 Project Ssh2 0.2.2 Ssh2 Project Ssh2 0.2.3 Ssh2 Project Ssh2 0.2.4 Ssh2 Project Ssh2 0.2.5 Ssh2 Project Ssh2 0.2.6 Ssh2 Project Ssh2 0.2.7 Ssh2 Project Ssh2 0.2.8 Ssh2 Project Ssh2 0.2.9 Ssh2 Project Ssh2 0.2.10 Ssh2 Project Ssh2 0.2.11 Ssh2 Project Ssh2 0.2.12 Ssh2 Project Ssh2 0.2.13 Ssh2 Project Ssh2 0.2.14 Ssh2 Project Ssh2 0.2.15 Ssh2 Project Ssh2 0.2.16 Ssh2 Project Ssh2 0.2.17 Ssh2 Project Ssh2 0.2.18 Ssh2 Project Ssh2 0.2.19 Ssh2 Project Ssh2 0.2.20 Ssh2 Project Ssh2 0.2.21 Ssh2 Project Ssh2 0.2.22 Ssh2 Project Ssh2 0.2.23 Ssh2 Project Ssh2 0.2.24 Ssh2 Project Ssh2 0.2.25 Ssh2 Project Ssh2 0.3.0 Ssh2 Project Ssh2 0.3.1 Ssh2 Project Ssh2 0.3.2 Ssh2 Project Ssh2 0.3.3 Ssh2 Project Ssh2 0.3.4 Ssh2 Project Ssh2 0.3.5 Ssh2 Project Ssh2 0.3.6 Ssh2 Project Ssh2 0.4.0 Ssh2 Project Ssh2 0.4.1 Ssh2 Project Ssh2 0.4.2 Ssh2 Project Ssh2 0.4.3 Ssh2 Project Ssh2 0.4.4 Ssh2 Project Ssh2 0.4.5 Ssh2 Project Ssh2 0.4.6 Ssh2 Project Ssh2 0.4.7 Ssh2 Project Ssh2 0.4.8 Ssh2 Project Ssh2 0.4.9 Ssh2 Project Ssh2 0.4.10 Ssh2 Project Ssh2 0.4.11 Ssh2 Project Ssh2 0.4.12 Ssh2 Project Ssh2 0.4.13 Ssh2 Project Ssh2 0.4.14 Ssh2 Project Ssh2 0.4.15 Ssh2 Project Ssh2 0.5.0 Ssh2 Project Ssh2 0.5.1 Ssh2 Project Ssh2 0.5.2 Ssh2 Project Ssh2 0.5.3 Ssh2 Project Ssh2 0.5.4 Ssh2 Project Ssh2 0.5.5 Ssh2 Project Ssh2 0.6.0 Ssh2 Project Ssh2 0.6.1 Ssh2 Project Ssh2 0.6.2 Ssh2 Project Ssh2 0.7.0 Ssh2 Project Ssh2 0.7.1 Ssh2 Project Ssh2 0.7.2 Ssh2 Project Ssh2 0.8.0 Ssh2 Project Ssh2 0.8.1 Ssh2 Project Ssh2 0.8.2 Ssh2 Project Ssh2 0.8.3 Ssh2 Project Ssh2 0.8.4 Ssh2 Project Ssh2 0.8.5 Ssh2 Project Ssh2 0.8.6 Ssh2 Project Ssh2 0.8.7 Ssh2 Project Ssh2 0.8.8 Ssh2 Project Ssh2 0.8.9 Ssh2 Project Ssh2 1.0.0 Ssh2 Project Ssh2 1.1.0 Ssh2 Project Ssh2 1.2.0 Ssh2 Project Ssh2 1.3.0	92
OS	Microsoft Microsoft Windows -	1

Summary

Vulnerable Configurations

References