wolfSSH Heap Buffer Over-Read Vulnerability in wolfSSH_CleanPath() Function

Vulnerability

A heap buffer over-read has been identified in the wolfSSH_CleanPath() function of wolfSSH. An authenticated remote attacker can trigger it by sending crafted SCP path input that includes '/./' sequences. The result is a heap over-read of 1 byte.
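As an added illustration (not wolfSSH's code and not the project's fix), the hypothetical helper `clean_dot_segments()` below shows one way to collapse '/./' segments in place while checking every look-ahead against the string length, so no read lands past the terminator. The function name, its signature and the sample paths are assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not wolfSSH code: collapse "/./" and a trailing "/."
 * in place. ".." segments are left untouched. `cap` is the buffer size.
 * Returns the cleaned length, or -1 if the input is NULL or has no NUL
 * terminator within `cap` bytes. */
int clean_dot_segments(char *path, size_t cap)
{
    size_t len, r = 0, w = 0;
    char *nul;

    if (path == NULL || cap == 0)
        return -1;
    nul = memchr(path, '\0', cap);
    if (nul == NULL)
        return -1;              /* unterminated: refuse rather than scan on */
    len = (size_t)(nul - path);

    while (r < len) {
        /* A "." segment is '/' '.' followed by '/' or the end of the string.
         * Each look-ahead is bounded by len before the byte is read. */
        if (path[r] == '/' && r + 1 < len && path[r + 1] == '.' &&
            (r + 2 == len || path[r + 2] == '/')) {
            r += 2;             /* skip "/."; the next '/' (if any) is kept */
            continue;
        }
        path[w++] = path[r++];
    }
    if (w == 0 && len > 0 && path[0] == '/')
        w = 1;                  /* "/." or "/./." cleans to the root "/" */
    path[w] = '\0';
    return (int)w;
}

int main(void)
{
    /* Constructed sample paths, including ones that end on a dot segment. */
    char samples[][16] = { "/a/./b", "/a/.", "/./././", "/a/..", "/.hidden" };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        printf("%-10s -> ", samples[i]);
        clean_dot_segments(samples[i], sizeof samples[i]);
        printf("%s\n", samples[i]);
    }
    return 0;
}
```

Building a helper like this with AddressSanitizer (`-fsanitize=address`) and running it over heap-allocated inputs sized exactly to the string is a quick way to catch a 1-byte over-read of the kind described here.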

Impact

Exploitation of this vulnerability leads to a heap buffer over-read, which can potentially be used to disclose memory contents or cause other memory-related issues.

Added: Jan 6, 2026, 6:17 PM
Updated: Jan 6, 2026, 6:17 PM

Vulnerability Rating

Custom Algorithm

spread: 6.6
impact: 0.6
exploitability: 3.3
remediation: 0.0
relevance: 1.9
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.