CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

OSV•added 2022/05/24 7:15 p.m.•21 views

GHSA-4258-VCJW-WWXX furlongm openvpn-monitor command injection

furlongm openvpn-monitor through 1.1.3 allows %0a command injection via the OpenVPN management interface socket. This can shut down the server via signal SIGTERM...

8.7CVSS7.8AI score0.02194EPSS

Exploits2References5

OSV•added 2022/05/24 7:15 p.m.•15 views

GHSA-5W5C-3G26-8MMC furlongm openvpn-monitor allows Authorization Bypass to disconnect arbitrary clients

furlongm openvpn-monitor through 1.1.3 allows Authorization Bypass to disconnect arbitrary clients...

8.7CVSS7.4AI score0.0108EPSS

Exploits6References6

OSV•added 2021/09/27 6:15 a.m.•14 views

CVE-2021-31606

furlongm openvpn-monitor through 1.1.3 allows Authorization Bypass to disconnect arbitrary clients...

7.5CVSS7.5AI score

Exploits0References3

OSV•added 2021/09/27 6:15 a.m.•13 views

CVE-2021-31605

furlongm openvpn-monitor through 1.1.3 allows %0a command injection via the OpenVPN management interface socket. This can shut down the server via signal%20SIGTERM...

7.5CVSS7.9AI score

Exploits0References2

OSV•added 2021/09/27 6:15 a.m.•13 views

PYSEC-2021-352

furlongm openvpn-monitor through 1.1.3 allows CSRF to disconnect an arbitrary client...

6.5CVSS2.7AI score0.00111EPSS

Exploits3References2

Prion•added 2021/09/27 6:15 a.m.•9 views

Authorization

furlongm openvpn-monitor through 1.1.3 allows Authorization Bypass to disconnect arbitrary clients...

5CVSS7.5AI score0.0108EPSS

Exploits6References3Affected Software1

Prion•added 2021/09/27 6:15 a.m.•11 views

Command injection

furlongm openvpn-monitor through 1.1.3 allows %0a command injection via the OpenVPN management interface socket. This can shut down the server via signal%20SIGTERM...

7.8CVSS7.9AI score0.02194EPSS

Exploits2References2Affected Software1

CVE•added 2021/09/27 5:35 a.m.•82 views

CVE-2021-31605

The CVE-2021-31605 issue affects furlongm openvpn-monitor up to version 1.1.3, where an input path of %0a allows command injection via the OpenVPN management interface socket. The underlying consequence stated is the potential shutdown of the server through signal SIGTERM. The Red Hat advisory an...

7.8CVSS7.7AI score0.02194EPSS

Exploits2References2Affected Software1

CVE•added 2021/09/27 5:32 a.m.•76 views

CVE-2021-31604

CVE-2021-31604 affects furlongm/openvpn-monitor up to version 1.1.3. The issue is a cross-site request forgery (CSRF) that allows disconnecting an arbitrary client. Root cause: CSRF in the disconnect action handling. Impact is described as an ability to disrupt a client connection; CVSS data in t...

6.5CVSS6.5AI score0.00111EPSS

Exploits3References2Affected Software1

CVE•added 2021/09/27 12:0 a.m.•76 views

CVE-2021-31606

CVE-2021-31606 affects furlongm openvpn-monitor up to and including version 1.1.3. The issue allows an Authorization Bypass that lets an attacker disconnect arbitrary clients. Exploitation details are not provided in the included documents beyond the bypass capability. The Red Hat, GHSA, OSV, and...

7.5CVSS7.3AI score0.0108EPSS

Exploits6References3Affected Software1

Positive Technologies•added 2021/09/27 12:0 a.m.•3 views

PT-2021-19445 · Furlongm · Openvpn-Monitor

Name of the Vulnerable Software and Affected Versions: furlongm openvpn-monitor versions 1.1.3 and earlier Description: The issue allows for Authorization Bypass, enabling the disconnection of arbitrary clients. Recommendations: For furlongm openvpn-monitor versions 1.1.3 and earlier, update to a...

8.7CVSS7.3AI score0.0108EPSS

Exploits6References14

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by