Does it even work with openssh example? Pwning the parser progress will let attacker spoof arbitrary communication, which in case of SSH lets them execute arbitrary commands. Or is there a smart way to work around that?

You can send arbitrary commands, but they will be rejected unless you provide valid credentials first.