CVE-2025-61985 — LOW (3.6) — White Hats Nepal

Vulnerability Description

ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.

CVSS Score

3.6

LOW

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

LOW

Availability

NONE

Related Weaknesses (CWE)

CWE-158

References

https://marc.info/?l=openssh-unix-dev&m=175974522032149&w=2
https://www.openssh.com/releasenotes.html#10.1p1
https://www.openwall.com/lists/oss-security/2025/10/06/1

FAQ

What is CVE-2025-61985?

CVE-2025-61985 is a vulnerability with a CVSS score of 3.6 (LOW). ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.

How severe is CVE-2025-61985?

CVE-2025-61985 has been rated LOW with a CVSS base score of 3.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-61985?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.