Vulnerabilities > Dropbear SSH Project > Dropbear SSH > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-03-03 CVE-2016-7406 Improper Input Validation vulnerability in Dropbear SSH Project Dropbear SSH
Format string vulnerability in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code via format string specifiers in the (1) username or (2) host argument.
network
low complexity
dropbear-ssh-project CWE-20
critical
 10.0
10
2017-03-03 CVE-2016-7407 Improper Input Validation vulnerability in Dropbear SSH Project Dropbear SSH
The dropbearconvert command in Dropbear SSH before 2016.74 allows attackers to execute arbitrary code via a crafted OpenSSH key file.
network
low complexity
dropbear-ssh-project CWE-20
critical
 10.0
10