John immediately reported the vulnerability to Bitvise, and the company quickly released a patch to fix the issue. He was rewarded with a generous bug bounty for his discovery.
: This allows the attacker to silently disable security features such as keystroke timing obfuscation or newer public key algorithms, making further exploitation easier. Version-Specific Issues in 8.48 According to the Bitvise 8.xx Version History bitvise winsshd 8.48 exploit
: Versions in the 8.xx branch were found to have a race condition that could cause the server to crash on startup. John immediately reported the vulnerability to Bitvise, and