OpenSSH prior to 2.9.9, when running sftp using sftp-server and using restricted keypairs, allows remote authenticated users to bypass authorized_keys2 command= restrictions using sftp commands.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openbsd openssh |