CVE-2025-14282 – privilege escalation via unix domain socket forwardings

CVE ID : CVE-2025-14282

Published : Feb. 12, 2026, 9:37 p.m. | 50 minutes ago

Description : A flaw was found in Dropbear. When running in multi-user mode and authenticating users, the dropbear ssh server does the socket forwardings requested by the remote client as root, only switching to the logged-in user upon spawning a shell or performing some operations like reading the user’s files. With the recent ability of also using unix domain sockets as the forwarding destination any user able to log in via ssh can connect to any unix socket with the root’s credentials, bypassing both file system restrictions and any SO_PEERCRED / SO_PASSCRED checks performed by the peer.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-14282 – privilege escalation via unix domain socket forwardings

تکمیل ظرفیت سرور لهستان

سرور مناسب برای ترید و ارز دیجیتال

دیتاسنتر جدید در لهستان

سرور های جدید از اسپانیا

AMD EPYC & Ryzen از کشور انگلستان

آفر های جدید AMD EPYC و AMD Ryzen

آفر سرور اختصاصی از آمریکا

افزایش قیمت دامنه های ir از ۳۱ خرداد

افزایش قیمت جهانی دامنه .com

آفر های جدید سرور اختصاصی مرداد 1403

CVE-2019-25338 – Dokuwiki 2018-04-22b – Username Enumeration

سرور های جدید از روسیه-وارز

تخفیف ویژه دامنه .ASIA

ثبت دامنه .IO

انتقال رایگان پسوند دامنه PW

Kerio Control 9.2.4 Build 2223

نوشته های مشابه

CVE-2024-21961 – Intel PCIe Link Buffer Overflow Vulnerability

CVE-2025-40905 – WWW::OAuth 1.000 and earlier for Perl uses insecure rand() function for cryptographic functions

CVE-2026-26188 – Solspace Freeform plugin affected by Stored Cross-Site Scripting (XSS) in Freeform Craft Plugin CP UI (builder/integrations)

CVE-2025-70092 – OpenSourcePOS XSS Vulnerability in Item Kits Function