CVE-2018-8780

Risk Scores

Affected Products

Exploit Intelligence

• CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
• CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
• CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
• CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
• CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
• CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
• CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
• CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
• The possibility that unintended file operation may be performed because some methods of `Dir` do not check NULL characters. (hackerone)
• The possibility that unintended file operation may be performed because some methods of `Dir` do not check NULL characters. (hackerone)

…and 1 more exploits

Timeline

• CVE Published
• Apr 1, 2018 PoC Published
• Apr 14, 2021 EPSS Score
• Feb 4, 2022 EPSS Score
• Mar 7, 2023 EPSS Score
• Mar 17, 2025 EPSS Score
• Mar 29, 2025 EPSS Score
• Mar 30, 2025 EPSS Score
• Apr 4, 2025 EPSS Score
• Apr 5, 2025 EPSS Score
• Apr 13, 2025 EPSS Score
• May 30, 2025 EPSS Score

References

• ALAS-2018-983: ruby20, ruby22, ruby23, ruby24 (medium) advisory