Vulnerability DatabaseCVE-2025-47203

CVE-2025-47203:
Linux Debian vulnerability analysis and mitigation

Overview

The vulnerability CVE-2025-47203 affects dbclient in Dropbear SSH versions before 2025.88. The vulnerability was discovered and disclosed in May 2025, allowing command injection through an untrusted hostname argument due to shell usage (NVD, CVE).

Technical details

The vulnerability is classified as an OS Command Injection vulnerability (CWE-78). It has been assigned a CVSS v3.1 base score of 4.5 (MEDIUM) with the vector string CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N, indicating local access, high attack complexity, no privileges required, no user interaction, changed scope, and low impact on confidentiality and integrity with no impact on availability (NVD).

Impact

The vulnerability allows attackers to perform command injection via an untrusted hostname argument in the dbclient component. This could potentially lead to unauthorized command execution with the privileges of the running process (Debian Tracker).

Mitigation and workarounds

The vulnerability has been fixed in Dropbear SSH version 2025.88. Users are advised to upgrade to this version or later to mitigate the risk. The fix has been implemented in the Debian sid release, while other versions (bullseye, bookworm, trixie) remain vulnerable (Debian Tracker).