Ssh-2.0-cisco-1.25 Vulnerability -

The string is a version identifier frequently returned by the Secure Shell (SSH) server on Cisco IOS and IOS XE devices during a protocol handshake. While this specific string describes the Cisco implementation of the SSH-2.0 protocol rather than a single vulnerability, devices reporting this version have recently been linked to a maximum-severity flaw (CVSS 10.0) in the underlying Erlang/OTP SSH server implementation. The Critical Erlang/OTP SSH Vulnerability

A successful exploit allows for unauthenticated remote code execution (RCE) on the target system. This can lead to full system compromise, including unauthorized data access and denial of service (DoS). ssh-2.0-cisco-1.25 vulnerability

In April 2025, a critical vulnerability was disclosed affecting the Erlang/OTP SSH server, which is embedded in various Cisco products and telecommunications systems. The string is a version identifier frequently returned