WebSSH for iOS Denial-of-Service Vulnerability in mashREPL Tool
Vulnerability
A denial-of-service vulnerability has been identified in WebSSH for iOS version 14.16.10, specifically within the mashREPL tool. It allows an attacker to crash the application with malformed pasted input: pasting a 300-character buffer of repeated 'A' characters into the mashREPL input field crashes the application.
Impact
Exploitation of this vulnerability causes the WebSSH application to crash, disrupting any active sessions or tasks.
Reproduction
To reproduce this vulnerability, first copy a 300-character string of repeated 'A' characters to the clipboard. Then, open WebSSH for iOS and navigate to the mashREPL tool. Paste the copied string into the input field and press 'Enter'. The application will crash shortly after.
