← Zuruck zu CVEs
CVE-2019-25590
MEDIUM6.2
Beschreibung
Axessh 4.2 contains a denial of service vulnerability in the logging configuration that allows local attackers to crash the application by supplying an excessively long string in the log file name field. Attackers can enable session logging, paste a buffer of 500 or more characters into the log file name parameter, and trigger a crash when establishing a telnet connection.
CVE Details
CVSS v3.1 Bewertung6.2
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AngriffsvektorLOCAL
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht3/22/2026
Zuletzt geandert3/23/2026
Quellenvd
Honeypot-Sichtungen0
Schwachen (CWE)
CWE-1282
Referenzen
http://www.labf.com(disclosure@vulncheck.com)
http://www.labf.com/download/axessh.exe(disclosure@vulncheck.com)
https://www.exploit-db.com/exploits/46858(disclosure@vulncheck.com)
https://www.vulncheck.com/advisories/axessh-denial-of-service-via-log-file-name(disclosure@vulncheck.com)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.