CVE-2012-10060

Critical CVSS 9.3

Overview

Sysax Multi Server versions prior to 5.55 contains a stack-based buffer overflow in its SSH service. When a remote attacker supplies an overly long username during authentication, the server copies the input to a fixed-size stack buffer without proper bounds checking. This allows remote code execution under the context of the service.

CWE: CWE-121 Published: 2025-08-13T21:15:30.600

Risk analysis

This vulnerability is rated 🔴 CRITICAL.

CVSS: 9.3 (CRITICAL)
Detected tags: buffer, rce (tag impact: VERY HIGH)

Recommended actions:

Patch/upgrade immediately (remote code execution).
Reduce exposure (WAF/segmentation), minimize attack surface.

Overview

Recommended tools

Tags