Lucene search
K

2382 matches found

Prion
Prion
added 2021/12/09 4:15 p.m.12 views

Design/Logic Flaw

Gryphon Tower routers contain an unprotected openvpn configuration file which can grant attackers access to the Gryphon homebound VPN network which exposes the LAN interfaces of other users' devices connected to the same service. An attacker could leverage this to make configuration changes to, o...

5CVSS7.6AI score0.01242EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/12/09 3:19 p.m.63 views

CVE-2021-20145

Gryphon Tower routers are affected by CVE-2021-20145 due to an unprotected OpenVPN configuration file. The root cause is configuration data left accessible, which can grant an attacker access to the Gryphon homebound VPN network and expose LAN interfaces of other users’ devices sharing the same s...

7.5CVSS7.5AI score0.01242EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/12/09 3:19 p.m.22 views

CVE-2021-20145

Gryphon Tower routers contain an unprotected openvpn configuration file which can grant attackers access to the Gryphon homebound VPN network which exposes the LAN interfaces of other users' devices connected to the same service. An attacker could leverage this to make configuration changes to, o...

7.8AI score0.01242EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2021/12/01 12:0 a.m.4 views

The vulnerability of the mbConnect24serv component for clients to establish encrypted connections with mbDIALUP allows a perpetrator to enhance their privileges and execute arbitrary codes.

The vulnerability of the mbConnect24serv component for clients to establish encrypted connections with mbDIALUP is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code using a malicious OpenVPN...

7.8CVSS7.6AI score0.00253EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/10/22 12:0 a.m.11 views

OpenVPN Connect Installed (Windows)

Binary data openvpnconnectwininstalled.nbin...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/10/22 12:0 a.m.39 views

OpenVPN Connect 3.2.0 < 3.3.1 Input Validation Vulnerability (Windows)

According to its self-reported version number, the version of OpenVPN Connect installed on the remote Windows host is affected by an input validation vulnerability. OpenVPN Connect 3.2.0 through 3.3.0 allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration fil...

7.8CVSS7.3AI score0.00568EPSS
Exploits0References2
OSV
OSV
added 2021/09/27 6:15 a.m.21 views

CVE-2021-31606

furlongm openvpn-monitor through 1.1.3 allows Authorization Bypass to disconnect arbitrary clients...

7.5CVSS7.5AI score
Exploits0References3
NVD
NVD
added 2021/09/27 6:15 a.m.12 views

CVE-2021-31604

furlongm openvpn-monitor through 1.1.3 allows CSRF to disconnect an arbitrary client...

6.5CVSS0.00656EPSS
Exploits3References2
OSV
OSV
added 2021/09/27 6:15 a.m.19 views

CVE-2021-31605

furlongm openvpn-monitor through 1.1.3 allows %0a command injection via the OpenVPN management interface socket. This can shut down the server via signal%20SIGTERM...

7.5CVSS7.9AI score
Exploits0References2
OSV
OSV
added 2021/09/27 6:15 a.m.14 views

CVE-2021-31604

furlongm openvpn-monitor through 1.1.3 allows CSRF to disconnect an arbitrary client...

6.5CVSS6.6AI score
Exploits0References2
NVD
NVD
added 2021/09/27 6:15 a.m.15 views

CVE-2021-31605

furlongm openvpn-monitor through 1.1.3 allows %0a command injection via the OpenVPN management interface socket. This can shut down the server via signal%20SIGTERM...

7.8CVSS0.03314EPSS
Exploits2References2
NVD
NVD
added 2021/09/27 6:15 a.m.17 views

CVE-2021-31606

furlongm openvpn-monitor through 1.1.3 allows Authorization Bypass to disconnect arbitrary clients...

7.5CVSS0.02448EPSS
Exploits6References3
Prion
Prion
added 2021/09/27 6:15 a.m.15 views

Command injection

furlongm openvpn-monitor through 1.1.3 allows %0a command injection via the OpenVPN management interface socket. This can shut down the server via signal%20SIGTERM...

7.8CVSS7.9AI score0.03314EPSS
Exploits2References2Affected Software1
PyPA
PyPA
added 2021/09/27 6:15 a.m.6 views

PYSEC-2021-352

furlongm openvpn-monitor through 1.1.3 allows CSRF to disconnect an arbitrary client...

6.5CVSS7.1AI score0.00656EPSS
Exploits3References3Affected Software1
Prion
Prion
added 2021/09/27 6:15 a.m.9 views

Cross site request forgery (csrf)

furlongm openvpn-monitor through 1.1.3 allows CSRF to disconnect an arbitrary client...

4.3CVSS6.5AI score0.00656EPSS
Exploits3References2Affected Software1
PyPA
PyPA
added 2021/09/27 6:15 a.m.6 views

PYSEC-2021-354

furlongm openvpn-monitor through 1.1.3 allows Authorization Bypass to disconnect arbitrary clients...

7.5CVSS7.1AI score0.02448EPSS
Exploits6References3Affected Software1
PyPA
PyPA
added 2021/09/27 6:15 a.m.7 views

PYSEC-2021-353

furlongm openvpn-monitor through 1.1.3 allows %0a command injection via the OpenVPN management interface socket. This can shut down the server via signal%20SIGTERM...

7.8CVSS7.7AI score0.03314EPSS
Exploits2References3Affected Software1
Prion
Prion
added 2021/09/27 6:15 a.m.15 views

Authorization

furlongm openvpn-monitor through 1.1.3 allows Authorization Bypass to disconnect arbitrary clients...

5CVSS7.5AI score0.02448EPSS
Exploits6References3Affected Software1
OSV
OSV
added 2021/09/27 6:15 a.m.19 views

PYSEC-2021-354

furlongm openvpn-monitor through 1.1.3 allows Authorization Bypass to disconnect arbitrary clients...

7.5CVSS3.6AI score0.02448EPSS
Exploits6References3
OSV
OSV
added 2021/09/27 6:15 a.m.28 views

PYSEC-2021-352

furlongm openvpn-monitor through 1.1.3 allows CSRF to disconnect an arbitrary client...

6.5CVSS2.7AI score0.00656EPSS
Exploits3References3
Rows per page
Query Builder