Severity by source
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AC:H because exploitation needs both an untrusted username on the command line and a non-default %-expansion ssh_config; PR:N as the attacker only supplies input; full command execution yields C/I/A:H.
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
9DescriptionNVD
In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in ssh_config.
AnalysisAI
Argument/command injection in OpenSSH before 10.3 lets shell metacharacters embedded in an untrusted username trigger command execution on the SSH-client host. It affects deployments that both feed an attacker-influenced username to the ssh command line and use a non-default ssh_config where %-token expansion (e.g. in ProxyCommand/LocalCommand) is enabled. There is no public exploit identified at time of analysis, EPSS is negligible (0.01%), and it is not in CISA KEV; a fixed release (10.3/10.3p1) is available.
Technical ContextAI
OpenSSH is the OpenBSD-maintained SSH client/server suite (CPE cpe:2.3:a:openbsd:openssh) that ships as the default SSH implementation on virtually all Linux/BSD/macOS systems. The ssh_config directives ProxyCommand, LocalCommand and similar support percent-token expansion, where tokens such as %r (remote username) and %u are substituted into a string that is subsequently handed to a shell. CWE-696 (Incorrect Behavior Order) is the root cause: the username value is expanded into the command string before it is properly neutralized, so shell metacharacters in the username survive into shell interpretation. When an application or wrapper passes a username derived from untrusted input to ssh, and the local ssh_config uses these %-tokens, the metacharacters are executed rather than treated as literal text.
RemediationAI
Vendor-released patch: upgrade to OpenSSH 10.3 (portable 10.3p1) or later per the OpenSSH release notes (https://www.openssh.org/releasenotes.html#10.3p1); on Ubuntu apply the packaged fix from USN-8222-1 (https://ubuntu.com/security/notices/USN-8222-1) and equivalent distro updates elsewhere. If immediate patching is not possible, eliminate the trigger conditions: stop passing untrusted or externally-derived usernames directly onto the ssh command line (validate/allowlist usernames to safe characters before invoking ssh), and review ssh_config and ssh_config.d for ProxyCommand, LocalCommand or other directives using %r/%u tokens, removing or hardening them where the username is not fully trusted - the trade-off is loss of the dynamic proxy/local-command behavior those directives provide. These controls address the exact preconditions rather than relying on generic defense in depth.
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, whi
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of
freeSSHd.exe in freeSSHd through 1.2.6 allows remote attackers to bypass authentication via a crafted session, as demons
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, whi
OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. Rated medium se
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static
The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processin
The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password a
Remote code execution in OpenSSH's sshd server (regression of CVE-2006-5051) allows unauthenticated remote attackers to
The SSH USERAUTH CHANGE REQUEST feature in SSH Tectia Server 6.0.4 through 6.0.20, 6.1.0 through 6.1.12, 6.2.0 through 6
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remot
Same weakness CWE-696 – Incorrect Behavior Order
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-18400