https://aretiq.ai/tags/ssh/Recent content in Ssh on Aretiq AIHugoen-usMon, 01 Jun 2026 00:00:00 +0000https://aretiq.ai/research/vul260601-cve-2026-48827-apache-mina-sshd-sshd-git-path-traversal-info-disclosure/Mon, 01 Jun 2026 00:00:00 +0000https://aretiq.ai/research/vul260601-cve-2026-48827-apache-mina-sshd-sshd-git-path-traversal-info-disclosure/<h2 id="1-overview">1. Overview</h2> <p>A path traversal vulnerability exists in the Apache MINA SSHD <code>sshd-git</code> module, which provides Git-over-SSH server functionality. The module fails to validate user-supplied repository paths for directory traversal sequences when handling <code>git-upload-pack</code> and <code>git-receive-pack</code> commands. An SSH-authenticated attacker can supply paths containing <code>../</code> to escape the configured Git root directory and access arbitrary Git repositories on the server filesystem, exfiltrating source code, configuration, and secrets. The vulnerability also permits unauthorized writes to repositories via <code>git-receive-pack</code> (push). Apache addressed this vulnerability in MINA SSHD 2.18.0 and 3.0.0-M4, released May 2026.</p>