Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2025-15382

A heap buffer over-read vulnerability exists in the wolfSSH_CleanPath() function in wolfSSH. An authenticated remote attacker can trigger the issue via crafted SCP path input containing '/./' sequences, resulting in a heap over read by 1 byte.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.8%
CVSS Severity
CVSS v3 Score 8.1
Products affected by CVE-2025-15382
  • Wolfssh » Wolfssh » Version: 1.4.12
    cpe:2.3:a:wolfssh:wolfssh:1.4.12
  • Wolfssh » Wolfssh » Version: 1.4.13
    cpe:2.3:a:wolfssh:wolfssh:1.4.13
  • Wolfssh » Wolfssh » Version: 1.4.15
    cpe:2.3:a:wolfssh:wolfssh:1.4.15
  • Wolfssh » Wolfssh » Version: 1.4.16
    cpe:2.3:a:wolfssh:wolfssh:1.4.16
  • Wolfssh » Wolfssh » Version: 1.4.17
    cpe:2.3:a:wolfssh:wolfssh:1.4.17
  • Wolfssh » Wolfssh » Version: 1.4.18
    cpe:2.3:a:wolfssh:wolfssh:1.4.18
  • Wolfssh » Wolfssh » Version: 1.4.19
    cpe:2.3:a:wolfssh:wolfssh:1.4.19
  • Wolfssh » Wolfssh » Version: 1.4.20
    cpe:2.3:a:wolfssh:wolfssh:1.4.20
  • Wolfssh » Wolfssh » Version: 1.4.21
    cpe:2.3:a:wolfssh:wolfssh:1.4.21


Products
Pricing
Contact Us

Shodan ® - All rights reserved