Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2019-1000018: Command Injection in Rssh

CWE-77: Command Injection | 8 documents | 6 sources
Severity: 7.8 HIGH (NVD)
EPSS: 0.3% (top 48.11%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Timeline: Published Feb 4, 2019 | Latest update Apr 16

Description

rssh version 2.3.4 contains a CWE-77 (Improper Neutralization of Special Elements used in a Command, 'Command Injection') vulnerability in the allowscp permission that can result in local command execution. The attack is exploitable by an authorized SSH user who has been granted the allowscp permission. In practice this defeats the restriction allowscp is meant to impose (scp file transfers only, no shell): a user confined to file copies can bypass the check and execute arbitrary commands on the server under their own account.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (Exploitability: 1.8 | Impact: 5.9)

Decoded: local attack vector (the attacker already has an SSH account on the host), low attack complexity, low privileges required, no user interaction, scope unchanged, with high impact on confidentiality, integrity and availability.

Affected Packages (2 packages)

Alpine: rssh/rssh < 2.3.4-r2 (+9)
NVD: pizzashack/rssh 2.3.4

Also affects: Debian Linux 8.0, 9.0, Fedora 29, 30, 31, Ubuntu Linux 14.04, 16.04, 18.04, 18.10

🔴 Vulnerability Details (2)

[GHSA] GHSA-w832-4843-q4m8: rssh version 2 (2022-05-13)
[OSV] CVE-2019-1000018: rssh version 2 (2019-02-04)

💥 Exploits & PoCs (1)

[Exploit-DB] Ruckus IoT Controller 1.7.1.0 - Undocumented Backdoor Account (2025-04-16)

Caveat: the only exploit entry linked here targets a specific Ruckus product; no standalone proof of concept against rssh itself is listed on this page, so treat the "PoC available" flag above with that in mind.

📋 Vendor Advisories (1)

[Ubuntu] rssh vulnerabilities (2019-04-11)

💬 Community (3)

[Bugzilla] CVE-2019-1000018 rssh: Possible allowscp bypass resulting in arbitrary code execution [epel-all] (2019-01-31)
[Bugzilla] CVE-2019-1000018 rssh: Possible allowscp bypass resulting in arbitrary code execution (2019-01-31)
[Bugzilla] CVE-2019-1000018 rssh: Possible allowscp bypass resulting in arbitrary code execution [fedora-all] (2019-01-31)
Source: cvebase, "CVE-2019-1000018: Command Injection in Pizzashack Rssh"