AsyncSSH CVE-2026-45309
MEDIUMSeverity by source
AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Primary rating from SUSE · only source for this CVE.
Lifecycle Timeline
2Blast Radius
ecosystem impact- 14 pypi packages depend on asyncssh (6 direct, 8 indirect)
Ecosystem-wide dependent count for version 2.22.0.
DescriptionCVE.org
Summary
AsyncSSH 2.22.0 expands the OpenSSH-compatible AuthorizedKeysFile %u token with the raw SSH username during pre-authentication server config reload. A server configured with a documented per-user key pattern such as AuthorizedKeysFile authorized_keys/%u can be made to read an authorized-keys file outside the intended directory when the SSH username contains path traversal segments. If the attacker can place or reference a readable authorized-keys-format file containing their public key, the attacker can authenticate over SSH as the traversal username.
Affected Product
- Package: asyncssh
- Ecosystem: pip
- Affected versions: confirmed on 2.22.0; exact lower bound not finalized
- Tested version: 2.22.0
- Audit commit/tag: tag
v2.22.0, commitaf5a81e669633d83d535163f93b6bf3f957c9238 - PyPI sdist SHA256:
c3ce72b01be4f97b40e62844dd384227e5ff5a401a3793007c42f86a5c8eb537
Vulnerability Details
- CWE: CWE-22: Improper Limitation of a Pathname to a Restricted Directory
- Component: AsyncSSH server config reload and public-key authentication (
asyncssh/config.py,asyncssh/connection.py,asyncssh/auth_keys.py,asyncssh/misc.py) - Root cause:
%uinAuthorizedKeysFileis expanded from the remote username without rejecting path separators or..segments, and the resulting path is opened without constraining it to the intended authorized-keys directory. - Security boundary violated: the configured authorized-keys directory and public-key authentication trust boundary.
- Direct impact: public-key authentication succeeds using an attacker-selected authorized-keys file outside the intended directory.
- Chain impact, if any: none claimed; direct authentication impact is primary.
Attack Preconditions
- The AsyncSSH server uses a config or equivalent pattern where
AuthorizedKeysFilecontains%u, for exampleAuthorizedKeysFile authorized_keys/%u. - Public-key authentication is enabled.
- The attacker can place or reference a readable authorized-keys-format file outside the intended directory, such as a file in a world-writable or application-writable location.
- The application does not separately reject usernames containing
/,\, or..before AsyncSSH uses the username for key-file selection.
Reproduction
The run-scoped evidence contains a safe localhost proof:
- Start the proof harness saved at
- Run
exploit_proof.py through run_proof.sh
- The harness creates
sshd_configwithAuthorizedKeysFile authorized_keys/%u, writes the attacker's public key to a file outsideauthorized_keys/, starts a real AsyncSSH server, and attempts two SSH logins. - Expected result: the normal username
victimfails, while the traversal username authenticates with the same attacker key.
Observed proof output:
[CONTROL] username=victim success=False
[ATTACK] username=../../../asyncssh-proof-exploit-proof-8b2bd23daeeb.pub success=True
[ATTACK] output=AUTH_BYPASS_SUCCESS username=../../../asyncssh-proof-exploit-proof-8b2bd23daeeb.pub
PASS: traversal username authenticated with attacker-controlled authorized_keys fileAnalysisAI
Path traversal in AsyncSSH 2.22.0's AuthorizedKeysFile %u token expansion allows an unauthenticated remote attacker to bypass SSH public-key authentication by supplying a crafted username containing directory traversal sequences. Servers configured with per-user key patterns such as AuthorizedKeysFile authorized_keys/%u are vulnerable when an attacker can place or reference a readable authorized-keys-format file at a filesystem path reachable by traversal from the configured directory. Publicly available exploit code exists demonstrating successful authentication bypass; KEV status is not confirmed at time of analysis.
Technical ContextAI
AsyncSSH is a Python asyncio-based SSH protocol library. It implements OpenSSH-compatible server configuration directives including AuthorizedKeysFile, which supports token substitution for per-user key file resolution. The %u token is intended to be replaced with the authenticated username to locate that user's authorized keys. The vulnerability (CWE-22: Improper Limitation of a Pathname to a Restricted Directory) exists because the raw SSH username supplied during the pre-authentication handshake is substituted for %u in asyncssh/config.py without rejecting or stripping path separators (/) or parent-directory references (..), and the resulting path is opened in asyncssh/auth_keys.py without constraining it to the intended authorized-keys directory. The affected package is pkg:pip/asyncssh, confirmed at commit af5a81e669633d83d535163f93b6bf3f957c9238 (tag v2.22.0). The security boundary violated is the trust relationship between the configured authorized-keys directory and the SSH server's key lookup mechanism.
RemediationAI
Upgrade to AsyncSSH 2.23.0, which is the vendor-released patch per GHSA-g794-3fmp-753h (https://github.com/ronf/asyncssh/security/advisories/GHSA-g794-3fmp-753h). If immediate upgrade is not possible, apply one or more compensating controls: (1) Remove %u from all AuthorizedKeysFile directives and replace with static per-user absolute paths - this eliminates the token expansion entirely but requires manual configuration for each user and will break dynamic user provisioning workflows. (2) Validate and reject SSH usernames containing /, \, or .. at the application layer before AsyncSSH processes them; note this requires the application to intercept usernames in the pre-authentication phase, which may necessitate custom server-side wrappers and carries risk of incomplete filtering if encoding variants are possible. (3) Harden the filesystem so no attacker-writable or world-writable files exist at any path reachable by traversal from the authorized-keys directory - this is a defense-in-depth measure and does not eliminate the vulnerability, only raises the bar for the file-placement precondition. Patch version 2.23.0 is independently confirmed by PyPI package data and the maintainer advisory.
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, whi
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of
freeSSHd.exe in freeSSHd through 1.2.6 allows remote attackers to bypass authentication via a crafted session, as demons
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, whi
OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. Rated medium se
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static
The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processin
The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password a
Remote code execution in OpenSSH's sshd server (regression of CVE-2006-5051) allows unauthenticated remote attackers to
The SSH USERAUTH CHANGE REQUEST feature in SSH Tectia Server 6.0.4 through 6.0.20, 6.1.0 through 6.1.12, 6.2.0 through 6
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remot
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allVendor StatusVendor
SUSE
Severity: ModerateShare
External POC / Exploit Code
Leaving vuln.today
GHSA-g794-3fmp-753h