Lucene search

2376 matches found

Cvelist
added 2026/05/08 3:14 p.m. | 31 views

CVE-2026-41070 openvpn-auth-oauth2 returns FUNC_SUCCESS on client-deny, allowing unauthenticated VPN access

openvpn-auth-oauth2 is a plugin/management interface client for OpenVPN server to handle an OIDC based single sign-on SSO auth flows. From version 1.26.3 to before version 1.27.3, when openvpn-auth-oauth2 is deployed in the experimental plugin mode shared library loaded by OpenVPN via the plugin...

CVSS: 10 | EPSS: 0.00438
Exploits: 0 | References: 2
Vulnrichment
added 2026/05/08 3:14 p.m. | 5 views

CVE-2026-41070 openvpn-auth-oauth2 returns FUNC_SUCCESS on client-deny, allowing unauthenticated VPN access

openvpn-auth-oauth2 is a plugin/management interface client for OpenVPN server to handle an OIDC based single sign-on SSO auth flows. From version 1.26.3 to before version 1.27.3, when openvpn-auth-oauth2 is deployed in the experimental plugin mode shared library loaded by OpenVPN via the plugin...

CVSS: 10 | AI score: 5.8 | EPSS: 0.00438
Exploits: 0 | References: 2
CVE
added 2026/05/08 3:14 p.m. | 14 views

CVE-2026-41070

OpenVPN OAuth2 plugin flaw exists in the experimental plugin mode: from v1.26.3 to before v1.27.3, clients that do not support WebAuth/SSO (e.g., Linux openvpn CLI) could be admitted even when authentication logic denied access. Root cause: in handleAuthUserPassVerify, ClientAuthDeny wrote "0" to...

CVSS: 10 | AI score: 5.8 | EPSS: 0.00438
Exploits: 0 | References: 2
Debian CVE
added 2026/05/08 3:14 p.m. | 6 views

CVE-2026-41070

openvpn-auth-oauth2 is a plugin/management interface client for OpenVPN server to handle an OIDC based single sign-on SSO auth flows. From version 1.26.3 to before version 1.27.3, when openvpn-auth-oauth2 is deployed in the experimental plugin mode shared library loaded by OpenVPN via the plugin...

CVSS: 10 | AI score: 5.7 | EPSS: 0.00438
Exploits: 0
ATTACKERKB
added 2026/05/08 3:14 p.m. | 4 views

CVE-2026-41070

openvpn-auth-oauth2 is a plugin/management interface client for OpenVPN server to handle an OIDC based single sign-on SSO auth flows. From version 1.26.3 to before version 1.27.3, when openvpn-auth-oauth2 is deployed in the experimental plugin mode shared library loaded by OpenVPN via the plugin...

CVSS: 10 | AI score: 5.8 | EPSS: 0.00438
Exploits: 0 | References: 3 | Affected Software: 1
CNNVD
added 2026/05/08 12:00 a.m. | 7 views

openvpn-auth-oauth2 authorization issue vulnerability

OpenVPN-Auth-OAuth2 is a single sign-on authentication integration tool developed by Jan-Otto Kröpke. In versions 1.26.3 to 1.27.3 of OpenVPN-Auth-OAuth2, there were authorization-related vulnerabilities. These vulnerabilities occurred when clients did not support WebAuth/SSO in...

CVSS: 10 | AI score: 5.8 | EPSS: 0.00438
Exploits: 0 | References: 1
Tenable Nessus
added 2026/05/08 12:00 a.m. | 6 views

MikroTik RouterOS <= 7.20 Authentication Bypass via Improper Certificate Validation (CVE-2025-42611)

According to its self-reported version, the remote networking device is running a version of MikroTik RouterOS 7.x prior to or equal to 7.20. It is, therefore, affected by an authentication bypass vulnerability caused by improper certificate validation. The vulnerability lies in shared certificat...

CVSS: 6.5 | AI score: 5.8 | EPSS: 0.00186
Exploits: 0 | References: 2
RedhatCVE
added 2026/05/07 8:21 p.m. | 6 views

CVE-2026-30815

An OS command injection vulnerability in the OpenVPN module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute system commands when a specially crafted configuration file is processed due to insufficient input validation. Successful exploitation may allow modificatio...

CVSS: 8.5 | AI score: 7.4 | EPSS: 0.0116
Exploits: 0 | References: 1
RedhatCVE
added 2026/05/07 8:21 p.m. | 8 views

CVE-2026-30816

An external control of configuration vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an authenticated adjacent attacker to read arbitrary files when a malicious configuration file is processed. Successful exploitation may allow unauthorized access to arbitrary files on the device,...

CVSS: 6.8 | AI score: 5.9 | EPSS: 0.00286
Exploits: 0 | References: 1
SUSE CVE
added 2026/05/07 2:16 a.m. | 7 views

SUSE CVE-2026-43254

In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - fix packet extraction from stream When processing TCP stream data in ovpntcprecv, we receive large cloned skbs from strprcv that may contain multiple coalesced packets. The current implementation has two bugs: 1. Head...

CVSS: 7.5 | AI score: 5.7 | EPSS: 0.00451
Exploits: 0 | References: 3
Talos
added 2026/05/07 12:00 a.m. | 8 views

Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerability

Talos Vulnerability Report TALOS-2025-2305 Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerability May 7, 2026 CVE Number CVE-2026-30817 SUMMARY An external config control vulnerability exists in the Openvpn configuration restore route_up functionality of Tp-Link...

CVSS: 6.8 | AI score: 6 | EPSS: 0.00276
Exploits: 0
Talos
added 2026/05/07 12:00 a.m. | 7 views

Tp-Link Archer AX53 v1.0 Openvpn configuration restore client_disconnect OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2307 Tp-Link Archer AX53 v1.0 Openvpn configuration restore client_disconnect OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30815 SUMMARY An os command injection vulnerability exists in the Openvpn configuration restore client_disconnect...

CVSS: 8.5 | AI score: 7.5 | EPSS: 0.0116
Exploits: 0
Talos
added 2026/05/07 12:00 a.m. | 7 views

Tp-Link Archer AX53 v1.0 Openvpn configuration restore route_up OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2309 Tp-Link Archer AX53 v1.0 Openvpn configuration restore route_up OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30815 SUMMARY An os command injection vulnerability exists in the Openvpn configuration restore route_up functionality of...

CVSS: 8.5 | AI score: 7.5 | EPSS: 0.0116
Exploits: 0
Talos
added 2026/05/07 12:00 a.m. | 9 views

Tp-Link Archer AX53 v1.0 configuration restore crt.sed vulnerability

Talos Vulnerability Report TALOS-2025-2304 Tp-Link Archer AX53 v1.0 configuration restore crt.sed vulnerability May 7, 2026 CVE Number CVE-2026-30816 SUMMARY An external config control vulnerability exists in the Openvpn configuration restore crt.sed functionality of Tp-Link Archer AX53 v1.0 1.3....

CVSS: 6.8 | AI score: 6.1 | EPSS: 0.00286
Exploits: 0
Talos
added 2026/05/07 12:00 a.m. | 7 views

Tp-Link Archer AX53 v1.0 Openvpn configuration restore script_security OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2303 Tp-Link Archer AX53 v1.0 Openvpn configuration restore script_security OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30815 SUMMARY An os command injection vulnerability exists in the Openvpn configuration restore script_security...

CVSS: 8.5 | AI score: 6.2 | EPSS: 0.0116
Exploits: 0
Tenable Nessus
added 2026/05/07 12:00 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2026-43254

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ovpn: tcp - fix packet extraction from stream When processing TCP stream data in ovpntcprecv, we receive large cloned skbs from strprcv that may contain multipl...

CVSS: 7.5 | AI score: 5.9 | EPSS: 0.00451
Exploits: 0 | References: 2
RedhatCVE
added 2026/05/06 11:24 p.m. | 6 views

CVE-2026-43254

A flaw was found in the Linux kernel's handling of OpenVPN ovpn TCP network traffic. This vulnerability occurs when the kernel processes multiple network packets that have been combined into a single stream. An attacker could exploit this by sending specially crafted TCP packets, leading to issue...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00451
Exploits: 0 | References: 4
EUVD
added 2026/05/06 12:30 p.m. | 21 views

EUVD-2026-27815

In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - fix packet extraction from stream When processing TCP stream data in ovpntcprecv, we receive large cloned skbs from strprcv that may contain multiple coalesced packets. The current implementation has two bugs: 1. Head...

AI score: 5.7 | EPSS: 0.00451
Exploits: 0 | References: 4
NVD
added 2026/05/06 12:16 p.m. | 17 views

CVE-2026-43254

In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - fix packet extraction from stream When processing TCP stream data in ovpntcprecv, we receive large cloned skbs from strprcv that may contain multiple coalesced packets. The current implementation has two bugs: 1. Head...

CVSS: 7.5 | EPSS: 0.00451
Exploits: 0 | References: 3
ATTACKERKB
added 2026/05/06 11:28 a.m. | 6 views

CVE-2026-43254

In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - fix packet extraction from stream When processing TCP stream data in ovpntcprecv, we receive large cloned skbs from strprcv that may contain multiple coalesced packets. The current implementation has two bugs: 1...

AI score: 5.8 | EPSS: 0.00451
Exploits: 0 | References: 4 | Affected Software: 1