The host is installed with OpenSSH before 7.4 and is prone to an untrusted search path vulnerability. A flaw is present in sshd, which fails to handle crafted data. Successful exploitation could allow remote attackers to execute arbitrary local PKCS#11 modules.