CVE-2018-10933
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-10933
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
CWE-592
Source: NVD (National Vulnerability Database)
Vulnerability Title
libssh server-side state machine 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
libssh是一个用于访问SSH服务的C语言开发包,它能够执行远程命令、文件传输,同时为远程的程序提供安全的传输通道。server-side state machine是其中的一个服务器端状态机。 libssh的server-side state machine 0.7.6之前版本和0.8.4之前版本中存在安全漏洞。攻击者可借助恶意的客户端利用该漏洞在不进行身份验证的情况下创建通道,进而获取未授权的访问权限。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
II. Public POCs for CVE-2018-10933
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | CVE-2018-10933 very simple POC | https://github.com/SoledaD208/CVE-2018-10933 | POC Details |
| 2 | Spawn to shell without any credentials by using CVE-2018-10933 (LibSSH) | https://github.com/blacknbunny/CVE-2018-10933 | POC Details |
| 3 | CVE-2018-10933 sshlib user authentication attack - docker lab, test and exploit | https://github.com/hook-s3c/CVE-2018-10933 | POC Details |
| 4 | Leveraging it is a simple matter of presenting the server with the SSH2_MSG_USERAUTH_SUCCESS message, which shows that the login already occurred without a problem. The server expects the message SSH2_MSG_USERAUTH_REQUEST to start the authentication procedure, but by skipping it an attacker can log in without showing any credentials. | https://github.com/kn6869610/CVE-2018-10933 | POC Details |
| 5 | Script to identify hosts vulnerable to CVE-2018-10933 | https://github.com/gojhonny/libssh-scanner | POC Details |
| 6 | None | https://github.com/likescam/CVE-2018-10933_ssh | POC Details |
| 7 | None | https://github.com/likescam/CVE-2018-10933-libSSH-Authentication-Bypass | POC Details |
| 8 | Hunt for and Exploit the libSSH Authentication Bypass (CVE-2018-10933) | https://github.com/marco-lancini/hunt-for-cve-2018-10933 | POC Details |
| 9 | cve-2018-10933 libssh authentication bypass | https://github.com/hackerhouse-opensource/cve-2018-10933 | POC Details |
| 10 | None | https://github.com/cve-2018/cve-2018-10933 | POC Details |
| 11 | libssh CVE-2018-10933 | https://github.com/jas502n/CVE-2018-10933 | POC Details |
| 12 | Variant of hackerhouse-opensource/cve-2018-10933 | https://github.com/ninp0/cve-2018-10933_poc | POC Details |
| 13 | None | https://github.com/pghook/CVE-2018-10933_Scanner | POC Details |
| 14 | LibSSH Authentication Bypass Exploit using RCE | https://github.com/Virgula0/POC-CVE-2018-10933 | POC Details |
| 15 | CVE-2018-10933 | https://github.com/shifa123/pythonprojects-CVE-2018-10933 | POC Details |
| 16 | a python script to exploit libssh authentication vulnerability | https://github.com/xFreed0m/CVE-2018-10933 | POC Details |
| 17 | CVE-2018-10933 | https://github.com/Bifrozt/CVE-2018-10933 | POC Details |
| 18 | CVE-2018-10933 POC (LIBSSH) | https://github.com/r3dxpl0it/CVE-2018-10933 | POC Details |
| 19 | A libssh CVE-2018-10933 scanner written in rust | https://github.com/ivanacostarubio/libssh-scanner | POC Details |
| 20 | None | https://github.com/throwawayaccount12312312/precompiled-CVE-2018-10933 | POC Details |
| 21 | Multi-threaded, reliable scanner for CVE-2018-10933. | https://github.com/reanimat0r/bpnd-libssh | POC Details |
| 22 | None | https://github.com/ensimag-security/CVE-2018-10933 | POC Details |
| 23 | Implementation of CVE-2018-10933 with CIDR block scanner | https://github.com/0xadaw/libSSH-bypass | POC Details |
| 24 | libSSH bypass | https://github.com/sambiyal/CVE-2018-10933-POC | POC Details |
| 25 | LibSSH Authentication Bypass CVE-2018-10933 | https://github.com/nikhil1232/LibSSH-Authentication-Bypass | POC Details |
| 26 | Takes advantage of CVE-2018-10933 | https://github.com/Kurlee/LibSSH-exploit | POC Details |
| 27 | None | https://github.com/crispy-peppers/Libssh-server-CVE-2018-10933 | POC Details |
| 28 | Authentication Bypass in Server Code for LibSSH | https://github.com/youkergav/CVE-2018-10933 | POC Details |
| 29 | None | https://github.com/kristyna-mlcakova/CVE-2018-10933 | POC Details |
| 30 | None | https://github.com/lalishasanduwara/CVE-2018-10933 | POC Details |
| 31 | CVE-2018-10933_Scanner | https://github.com/JoSecMx/CVE-2018-10933_Scanner | POC Details |
| 32 | None | https://github.com/cyberharsh/Libssh-server-CVE-2018-10933 | POC Details |
| 33 | libSSH-Authentication-Bypass | https://github.com/Rubikcuv5/CVE-2018-10933 | POC Details |
| 34 | None | https://github.com/SilasSpringer/CVE-2018-10933 | POC Details |
| 35 | Proof of Concept for CVE-2018-10933 | https://github.com/HSw109/CVE-2018-10933-PoC | POC Details |
| 36 | Proof of Concept for CVE-2018-10933 | https://github.com/HSw109/CVE-2018-10933 | POC Details |
| 37 | Script to identify hosts vulnerable to CVE-2018-10933 | https://github.com/jobroche/libssh-scanner | POC Details |
| 38 | None | https://github.com/likekabin/CVE-2018-10933_ssh | POC Details |
| 39 | None | https://github.com/likekabin/CVE-2018-10933-libSSH-Authentication-Bypass | POC Details |
| 40 | None | https://github.com/Threekiii/Awesome-POC/blob/master/%E5%85%B6%E4%BB%96%E6%BC%8F%E6%B4%9E/Libssh%20%E6%9C%8D%E5%8A%A1%E7%AB%AF%E6%9D%83%E9%99%90%E8%AE%A4%E8%AF%81%E7%BB%95%E8%BF%87%E6%BC%8F%E6%B4%9E%20CVE-2018-10933.md | POC Details |
| 41 | https://github.com/vulhub/vulhub/blob/master/libssh/CVE-2018-10933/README.md | POC Details | |
| 42 | LibSSH authentification bypass | https://github.com/bidaoui4905/CVE-2018-10933 | POC Details |
| 43 | CVE-2018-10933 - LibSSH - Authentication Bypass | https://github.com/opsifiz/CVE-2018-10933 | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-10933
请登录查看更多情报信息。
- https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.htmlx_refsource_CONFIRM
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0016x_refsource_CONFIRM
- https://www.libssh.org/security/advisories/CVE-2018-10933.txtx_refsource_CONFIRM
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10933x_refsource_CONFIRM
- https://security.netapp.com/advisory/ntap-20190118-0002/x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2018-10933
IV. Related Vulnerabilities
Same product: libssh
- CVE-2026-3731
libssh SFTP Extension Name sftp.c sftp_extensions_get_data o - CVE-2025-5351
Libssh: double free vulnerability in libssh key export funct - CVE-2025-5372
Libssh: incorrect return code handling in ssh_kdf() in libss - CVE-2023-3603
Processing sftp server read may cause null dereference - CVE-2023-2283
libssh 授权问题漏洞
V. Comments for CVE-2018-10933
No comments yet