CVE-2025-47203 — MEDIUM (4.5)

Vulnerability Description

dbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname argument, because a shell is used.

CVSS Score

4.5

MEDIUM

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality

LOW

Integrity

LOW

Availability

NONE

Related Weaknesses (CWE)

CWE-78

References

https://github.com/mkj/dropbear/blob/master/CHANGES
https://github.com/mkj/dropbear/blob/master/src/cli-main.c
http://www.openwall.com/lists/oss-security/2025/05/09/4
http://www.openwall.com/lists/oss-security/2025/05/12/6
http://www.openwall.com/lists/oss-security/2025/05/13/1
http://www.openwall.com/lists/oss-security/2025/05/13/10
http://www.openwall.com/lists/oss-security/2025/05/13/3
https://lists.debian.org/debian-lts-announce/2025/05/msg00020.html

FAQ

What is CVE-2025-47203?

CVE-2025-47203 is a vulnerability with a CVSS score of 4.5 (MEDIUM). dbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname argument, because a shell is used.

How severe is CVE-2025-47203?

CVE-2025-47203 has been rated MEDIUM with a CVSS base score of 4.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-47203?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.