On Monday, July 1, 2024. The Qualys Threat Research Unit published a security advisory detailing a re-introduction of a previously patched unauthenticated Remote Code Execution (RCE) vulnerability in OpenSSH’s server (sshd) on glibc-based Linux systems, assigned to CVE-2024-6387, dubbed regreSSHion.
Qualys reports that the following versions of OpenSSH are vulnerable to CVE-2024-6387:
Version | Vulnerable |
---|---|
OpenSSH < 4.4p1 | Yes (unless patches have been backported against (CVE-2006-5051 and CVE-2008-4109) |
4.4p1 <= OpenSSH < 8.5p1 | No |
8.5p1 <= OpenSSH < 9.8p1 | Yes |
The device model MHD-8100 4G Rev.1.1 is affected by the vulnerability.
Update your OS packages using a console command:
get-apt-updates
SMSEagle continuously monitors and reports cybersecurity threats, enabling our customers to proactively take necessary mitigation steps to maintain the security of their devices. To assist you in managing and mitigating security risks SMSEagle offers product advisories.
Company data
SMSEagle™ brand is owned & manufactured by
Proximus Sp. z o.o.
ul. Piatkowska 163
60-650 Poznan
Poland, EU
Phone: +48 61 6713 413
Contact us
SMSEagle is a professional hardware SMS gateway for sending and receiving SMS messages. The device is designed with focus on reliability and stability. SMS messages are sent/received directly to/from cellular network without using any external 3rd party solutions. The device has a range of built-in plugins that enable additional functionalities and easy to use API for integration with external applications.