Hello support team,
We are running a WingFTP server v6.4.8.
Our security team warn us about an SSH vulnerability CVE 2023-48795 "Terrapin Attack".
ALL SSH servers that support ChaCha20-Poly1305 and CBC-EtM algorithms and do not support Strict Key Exchange are vulnerable.
I don't find a patch that fixes this vulnerability.
Please offer a solution.
Thank you!
SSH CVE 2023-48795
-
- Site Admin
- Posts: 2091
- Joined: Tue Sep 29, 2009 6:09 am
Re: SSH CVE 2023-48795
OK, so please upgrade to v7.3.0 first, then click all the buttons "Reset to Default" under "Server > Settings > General Settings > Security" and click the button "OK" to save it.