DEBIAN-CVE-2023-51385

DEBIAN-CVE-2023-51385 PUBLISHED CVSS 6.5 MEDIUM

In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.

Risk Scores

CVSS 3.1

6.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Affected Products

Vendor	Product	Versions
Debian:13	openssh	0, 0, 0
Debian:12	openssh	0, 9.2, 9.2
Debian:14	openssh	0, 0, 0
Debian:11	openssh	8.4, 8.4, 0

Exploit Intelligence

一个验证对CVE-2023-51385 (github-poc-repo)
CVE-2023-51385 (github-poc-repo)
c0deur/CVE-2023-51385 (github-poc-repo)
MiningBot-eth/CVE-2023-51385-exploit (github-poc-repo)
This repository contains a proof-of-concept (PoC) for exploiting the OpenSSH ProxyCommand vulnerability — CVE-2025-51385 — affecting OpenSSH servers <9.6 Version (github-poc-repo)
This repository contains a proof-of-concept (PoC) for exploiting the OpenSSH ProxyCommand vulnerability — CVE-2025-51385 — affecting OpenSSH servers <9.6 Version (github-poc)
GroundCTL2MajorTom/CVE-2023-51385P-POC (github-poc)
GroundCTL2MajorTom/CVE-2023-51385POC (github-poc)
Featherw1t/CVE-2023-51385_test (github-poc)
MiningBot-eth/CVE-2023-51385-exploit (github-poc)

…and 17 more exploits

Timeline

Dec 18, 2023 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2023-51385 advisory

Open in Interactive Console →