Vulnerabilities > CVE-2021-45099 - Unspecified vulnerability in SSH & web Terminal Project SSH & web Terminal

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
ssh-web-terminal-project

Summary

The addon.stdin service in addon-ssh (aka Home Assistant Community Add-on: SSH & Web Terminal) before 10.0.0 has an attack surface that requires social engineering. NOTE: the vendor does not agree that this is a vulnerability; however, addon.stdin was removed as a defense-in-depth measure against complex social engineering situations

Vulnerable Configurations

Part Description Count
Application
Ssh_\&_Web_Terminal_Project
83