CVE-2022-36633

Name of the Vulnerable Software and Affected Versions Teleport version 9.3.6

Description The issue allows for Command injection leading to Remote Code Execution. An attacker can craft a malicious ssh agent installation link by URL encoding a bash escape with carriage return line feed. This url encoded payload can be used in place of a token and sent to a user in a social engineering attack. The attack is fully unauthenticated and utilizes the trusted teleport server to deliver the payload.

Recommendations For Teleport version 9.3.6, as a temporary workaround, consider restricting access to the ssh agent installation link to minimize the risk of exploitation. Avoid using URL encoded payloads in place of tokens until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.