Apart from the mitigation measures included in the post I would also recommend:

- Restrict access to ports handled by `sslh` using a firewall or access control lists.
- Monitor for unusual or malformed connection attempts using tools like `tcpdump`, `fail2ban`, or `Zeek`.

noknees

Two critical vulnerabilities in sslh, a popular protocol demultiplexer that allows multiple services to share the same network port.

The flaws tracked as CVE-2025-46807 and CVE-2025-46806 could be exploited remotely to trigger denial-of-service (DoS) attacks.

The vulnerabilities affect sslh versions prior to v2.2.4, with fixes now available in the latest release.

security

Two critical vulnerabilities in sslh, a popular protocol demultiplexer that allows multiple services to share the same network port. 

The flaws tracked as CVE-2025-46807 and CVE-2025-46806 could be exploited remotely to trigger denial-of-service (DoS) attacks. 

The vulnerabilities affect sslh versions prior to v2.2.4, with fixes now available in the latest release.