检测

Erlang/OTP SSH Server 未经身份验证的远程命令执行 (CVE-2025-32433)(直接检查)

critical Nessus 插件 ID 242072

语言:

版本 1.9

Oct 21, 2025, 3:09 AM

  • Logic Changes (Implement workaround in SSH library to prevent triggering an engine bug.)

Plugin Feed: 202510210309

版本 1.8

Oct 16, 2025, 4:39 PM

  • Logic Changes (Implement workaround in HTTP library to prevent triggering an engine bug.)

Plugin Feed: 202510161639

版本 1.6

Oct 1, 2025, 9:12 PM

  • Logic Changes (Adding support for user-supplied header added to all HTTP requests.)

Plugin Feed: 202510012112

版本 1.5

Sep 30, 2025, 12:41 AM

  • Logic Changes (Add extra checks to see whether plugins should run. Modernisation of the HTTP/1 library. Various corrections and fixes for CPE related Flatline Test Failures. Remove spurious authentication header.)

Plugin Feed: 202509300041

版本 1.4

Aug 26, 2025, 7:20 AM

  • Logic Changes

Plugin Feed: 202508260720

版本 1.3

Jul 28, 2025, 4:47 PM

  • Logic Changes (RSA SSH certificates can use SHA2 signatures when needed)

Plugin Feed: 202507281647

版本 1.2

Jul 16, 2025, 6:26 PM

  • Exploit attributes ("Exploit available" set to "True")
  • CISA reference
  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:H/RL:OF/RC:C")
  • CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:H/RL:O/RC:C")
  • Exploit attributes ("Exploit framework metasploit" set to "True")
  • Exploit attributes ("Exploitability ease" set to "Exploits are available")
  • Exploit attributes ("Exploited by malware" set to "True")

Plugin Feed: 202507161826

版本 1.1

Jul 15, 2025, 2:39 AM

  • New

Plugin Feed: 202507150239

* Changelogs are generally available for changes made after Nov 1, 2022