来源

关联漏洞

描述

 Exploit Erlang/OTP SSH CVE-2025-32433 in a lab setup.

介绍

# Erlang-OTP-SSH-CVE-2025-32433

 Exploit Erlang/OTP SSH CVE-2025-32433 in a lab setup.

Erlang and its companion framework, the Open Telecom Platform (OTP), form a powerful ecosystem for building distributed fault-tolerant systems. Erlang is a programming language designed to build scalable real-time systems that require high availability. Originally, Erlang was developed by Ericsson for telecommunication systems; however, it has evolved over the years to become a solution for various distributed computing challenges.

Erlang is used not only by a large number of companies for product development but also by many universities for research and even teaching. You can learn more about Erlang at their official page.

OTP is a collection of middleware, libraries, and tools written in Erlang. Although the T in OTP stands for Telecom, OTP has evolved into a general-purpose framework for building distributed applications. In general, projects using Erlang are actually using Erlang along with its libraries, i.e., Erlang/OTP.

The Erlang/OTP SSH is an implementation of the SSH protocol as part of the Erlang OTP. It enables secure shell access and secure file transfers within Erlang-based systems. Recently, CVE-2025-32433, a critical vulnerability disclosed in the Erlang/OTP SSH implementation that allows unauthenticated remote code execution (RCE). This vulnerability was discovered by researchers from Ruhr University Bochum and has a CVSS score of 10.0 as it is considered critical.

文件快照

 [4.0K]  /data/pocs/ffeb5f1e9245bff2c402ac797b22cb933dd982da
└── [1.5K]  README.md

0 directories, 1 file

备注