Expert IT security company: cybersecurity audits and consulting
French cybersecurity company since 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2025-32433

Description

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, an SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or preventing access via firewall rules.

POC

Reference

- http://www.openwall.com/lists/oss-security/2025/04/18/2

- http://www.openwall.com/lists/oss-security/2025/04/18/6

- http://www.openwall.com/lists/oss-security/2025/04/19/1

GitHub

- https://github.com/0x7556/CVE-2025-32433

- https://github.com/0xMarcio/cve

- https://github.com/0xPThree/cve-2025-32433

- https://github.com/ARESHAmohanad/THM

- https://github.com/ARESHAmohanad/tryhackme

- https://github.com/ARPSyndicate/cve-scores

- https://github.com/Andromeda254/cve

- https://github.com/B1ack4sh/Blackash-CVE-2025-32433

- https://github.com/Ba3a-G/erlang-ssh-bypass

- https://github.com/C9b3rD3vi1/Erlang-OTP-SSH-CVE-2025-32433

- https://github.com/Chanith27/Web-and-Cybersecurity-Essentials

- https://github.com/Esther7171/THM-Walkthroughs

- https://github.com/Esther7171/TryHackMe-Walkthroughs

- https://github.com/GhostTroops/TOP

- https://github.com/J1ezds/Vulnerability-Wiki-page

- https://github.com/KarimLedesmaHaron/THM-Tutoriales

- https://github.com/Know56/CVE-2025-32433

- https://github.com/LemieOne/CVE-2025-32433

- https://github.com/Mdusmandasthaheer/CVE-2025-32433

- https://github.com/MrDreamReal/CVE-2025-32433

- https://github.com/NiteeshPujari/CVE-2025-32433-PoC

- https://github.com/ODST-Forge/CVE-2025-32433_PoC

- https://github.com/Ostorlab/KEV

- https://github.com/PuddinCat/GithubRepoSpider

- https://github.com/RUB-NDS/SSH-Strict-Kex-Violations-State-Learning-Artifacts

- https://github.com/Shinbatsu/awesome-tryhackme

- https://github.com/Shinbatsu/tryhackme-awesome

- https://github.com/TeneBrae93/CVE-2025-3243

- https://github.com/Threekiii/Awesome-POC

- https://github.com/WillGAndre/WillGAndre

- https://github.com/WillGAndre/explo

- https://github.com/Yuri08loveElaina/CVE-2025-32433-Erlang-OTP-SSH-Pre-Auth-RCE-exploit

- https://github.com/Yuri08loveElaina/CVE_2025_32433_exploit

- https://github.com/a1batr0ssG/VulhubExpand

- https://github.com/abrewer251/CVE-2025-32433_Erlang-OTP_PoC

- https://github.com/adnan-kutay-yuksel/tryhackme-all-rooms-database

- https://github.com/becrevex/CVE-2025-32433

- https://github.com/bilalz5-github/Erlang-OTP-SSH-CVE-2025-32433

- https://github.com/blacks1ph0n/ctf-free-rooms

- https://github.com/colinlyons29/redteam-walkthroughs

- https://github.com/darses/CVE-2025-32433

- https://github.com/dollarboysushil/CVE-2025-32433-Erlang-OTP-SSH-Unauthenticated-RCE

- https://github.com/ekomsSavior/POC_CVE-2025-32433

- https://github.com/exa-offsec/ssh_erlangotp_rce

- https://github.com/hackermexico/chacal

- https://github.com/iteride/CVE-2025-32433

- https://github.com/m0usem0use/erl_mouse

- https://github.com/meloppeitreet/CVE-2025-32433-Remote-Shell

- https://github.com/mirmeweu/cve-2025-32433

- https://github.com/nomi-sec/PoC-in-GitHub

- https://github.com/omer-efe-curkus/CVE-2025-32433-Erlang-OTP-SSH-RCE-PoC

- https://github.com/opendr-io/causality

- https://github.com/packetinside/CISA_BOT

- https://github.com/platsecurity/CVE-2025-32433

- https://github.com/plzheheplztrying/cve_monitor

- https://github.com/ps-interactive/lab_CVE-2025-32433

- https://github.com/rishabatra1802/TryHackMe_FreeRooms

- https://github.com/scandijamjam1/CVE-2025-32433

- https://github.com/tanjiti/sec_profile

- https://github.com/te0rwx/CVE-2025-32433-Detection

- https://github.com/teamtopkarl/CVE-2025-32433

- https://github.com/thmrevenant/tryhackme

- https://github.com/tobiasGuta/custom-poc

- https://github.com/ums91/CISA_BOT

- https://github.com/vigilante-1337/CVE-2025-32433

- https://github.com/w3workerz/THM-Walkthroughs

- https://github.com/w4zu/Debian_security

- https://github.com/yembors64632/cve_monitor_Public

- https://github.com/zhanpengliu-tencent/medium-cve