Vulnerability identifier: #VU93513

Vulnerability risk: High

CVSSv3.1: 7.3 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2024-6387

CWE-ID: CWE-362

Exploitation vector: Network

Exploits in database: 9

• August 16, 2024
  • CVE-202406387_Check.py [Github]
• August 2, 2024
  • ssh_poc2024 (An exploit for CVE-2024-6387, targeting a signal handler race condition in OpenSSH's server ) [Github]
• July 26, 2024
  • CVE-2024-6387 [Github]
• July 19, 2024
  • CVE-2024-6387 [Github]
  • CVE-2024-6387 [Github]
• July 12, 2024
  • CVE-2024-6387 [Github]
• July 5, 2024
  • CVE-2024-6387-CHECK [Github]
  • cve-2024-6387-poc [Github]
  • CVE-2024-6387-PoC [Github]

Impact: Code execution

Vulnerable software:
OpenSSH
Server applications / Remote management servers, RDP, SSH

Vendor: OpenSSH