## https://sploitus.com/exploit?id=9D8432B9-49EC-5F45-BB96-329B1F2B2254
# CVE-2025-26466 (Metasploit module)
OpenSSH (versions 9.5p1 to 9.9p1) is vulnerable to a memory and CPU exhaustion DoS Attack by sending repeated SSH2_MSG_PING packets (type 192).
This occurs before authentication, and can result in server lockup due to poor queue/buffer handling.
## More information about that CVE:
```
https://nvd.nist.gov/vuln/detail/CVE-2025-26466
```
## How do I run this script?
Copy .rb file into your 'modules' folder, f.e.
`/usr/share/metasploit-framework/modules/auxiliary/dos/ssh`
Run Metasploit console and search for the module.
```
msfconsole
search ping_dos
```
## References
- https://blog.qualys.com/vulnerabilities-threat-research/2025/02/18/qualys-tru-discovers-two-vulnerabilities-in-openssh-cve-2025-26465-cve-2025-26466
## Disclaimer
I am sharing this just for educational purposes, you shall not use it on infrastructure you are not authorized to.
## Issues
That's my first project shared on GitHub. Feel free to leave comments about it, so I can learn and make it better.