"303" Offers Fully-Functional Command Injection Exploit for OpenSSH 9.6

Executive Summary

On June 7, 2024, "303," a member of BreachForums, posted an update about selling a local command injection (LCI) exploit affecting OpenSSH version 9.6. According to the post, the exploit is written in Python 3 and provides reverse shell capability by executing commands on a compromised Linux server.

Cybercriminals can use this exploit for activities like information gathering, privilege escalation, file manipulation, remote code execution, and maintaining persistence on the affected server or endpoint. The threat actor confirmed that the exploit was successfully tested on Ubuntu OS.

The member account has a reputation score of 566.

References

Dark Web Reference: http[:]//breached26tezcofqla4adzyn22notfqwcac7gpbrleg4usehljwkgqd.onion/Thread-SELLING-OpenSSH-9-6-Local-Command-Injection-Exploit?pid=627616#pid627616
