cve/2021/CVE-2021-45099.md

### [CVE-2021-45099](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45099)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

** DISPUTED ** The addon.stdin service in addon-ssh (aka Home Assistant Community Add-on: SSH & Web Terminal) before 10.0.0 has an attack surface that requires social engineering. NOTE: the vendor does not agree that this is a vulnerability; however, addon.stdin was removed as a defense-in-depth measure against complex social engineering situations.

### POC

#### Reference
- https://gist.github.com/Eriner/0872628519f70556d2c26c83439a9f67

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Eriner/eriner
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2021-45099](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45099)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			` DISPUTED The addon.stdin service in addon-ssh (aka Home Assistant Community Add-on: SSH & Web Terminal) before 10.0.0 has an attack surface that requires social engineering. NOTE: the vendor does not agree that this is a vulnerability; however, addon.stdin was removed as a defense-in-depth measure against complex social engineering situations.`

			`### POC`

			`#### Reference`
			`- https://gist.github.com/Eriner/0872628519f70556d2c26c83439a9f67`

			`#### Github`
			`- https://github.com/ARPSyndicate/cvemon`
			`- https://github.com/Eriner/eriner`