2376 matches found

Veracode
added 2025/11/26 11:48 p.m. | 5 views

Improper Input Validation

OpenVPN is vulnerable to Improper Input Validation. The vulnerability is due to improper validation of source IP addresses during session handling, which allows an attacker to open a session from a different IP address than the one that initiated the connection and cause a denial of service for t...

8.2 CVSS | 6.8 AI score | 0.0061 EPSS
Exploits 0 | References 8 | Affected Software 1

OpenVAS
added 2025/11/20 12:0 a.m. | 1 view

Slackware: Security Advisory (SSA:2025-323-01)

The remote host is missing an update for the...

8.2 CVSS | 7.9 AI score | 0.0061 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2025/11/20 12:0 a.m. | 7 views

TencentOS Server 4: openvpn (TSSA-2025:0278)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0278 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

7.5 CVSS | 6.5 AI score | 0.00784 EPSS
Exploits 0 | References 2

OpenVAS
added 2025/11/20 12:0 a.m. | 4 views

OpenVPN HMAC Verification Vulnerability Bypass (Nov 2025) - Windows

OpenVPN is prone to an HMAC verification bypass vulnerability...

8.2 CVSS | 7.5 AI score | 0.0061 EPSS
Exploits 0 | References 1

Slackware Linux
added 2025/11/19 11:35 p.m. | 7 views

[slackware-security] openvpn

New openvpn packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/openvpn-2.6.16-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: Fix memcmp check for the hmac verification in the...

8.2 CVSS | 6.9 AI score | 0.0061 EPSS
Exploits 0

Tenable Nessus
added 2025/11/19 12:0 a.m. | 3 views

Slackware Linux 15.0 / current openvpn Vulnerability (SSA:2025-323-01)

The version of openvpn installed on the remote host is prior to 2.6.16. It is, therefore, affected by a vulnerability as referenced in the SSA:2025-323-01 advisory. New openvpn packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the preceding...

8.2 CVSS | 7.5 AI score | 0.0061 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2025/11/18 12:0 a.m. | 4 views

FreeBSD : OpenVPN -- avoid buffer overread parsing routes or endpoints (50a0c266-c3ff-11f0-b513-0da7be77c170)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 50a0c266-c3ff-11f0-b513-0da7be77c170 advisory. Mikhail Khachaiants reports: socket: reject mismatched address family in getaddrgeneric. Add a family...

9.1 CVSS | 8.2 AI score | 0.00529 EPSS
Exploits 0 | References 3

Tenable Nessus
added 2025/11/18 12:0 a.m. | 5 views

FreeBSD : OpenVPN -- HMAC verification on source IP address ineffective (17a40d76-c3fd-11f0-b513-0da7be77c170)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 17a40d76-c3fd-11f0-b513-0da7be77c170 advisory. Arne Schwabe reports: Fix memcmp check for the hmac verification in the 3way handshake being inverted...

8.2 CVSS | 7.3 AI score | 0.0061 EPSS
Exploits 0 | References 3

Positive Technologies
added 2025/11/17 12:0 a.m. | 3 views

PT-2025-47577

Name of the Vulnerable Software and Affected Versions: OpenVPN versions prior to 2.6.16. Description: The memcmp function in OpenVPN has an issue related to the use of a cryptographic algorithm with flaws when processing HMAC requests. Successful exploitation could allow a remote attacker to gain...

8.2 CVSS | 6.7 AI score | 0.0061 EPSS
Exploits 0 | References 33

RedhatCVE
added 2025/10/29 3:19 p.m. | 6 views

CVE-2025-34304

IPFire versions prior to 2.29 Core Update 198 contain a SQL injection vulnerability that allows an authenticated attacker to manipulate the SQL query used when viewing OpenVPN connection logs via the CONNECTIONNAME parameter. When viewing a range of OpenVPN connection logs, the application issues...

7.1 CVSS | 7.4 AI score | 0.00354 EPSS
Exploits 0 | References 1

EUVD
added 2025/10/28 3:30 p.m. | 3 views

EUVD-2025-36510

IPFire versions prior to 2.29 Core Update 198 contain a SQL injection vulnerability that allows an authenticated attacker to manipulate the SQL query used when viewing OpenVPN connection logs via the CONNECTIONNAME parameter. When viewing a range of OpenVPN connection logs, the application issues...

7.1 CVSS | 6.9 AI score | 0.00354 EPSS
Exploits 0 | References 4

NVD
added 2025/10/28 3:16 p.m. | 2 views

CVE-2025-34304

IPFire versions prior to 2.29 Core Update 198 contain a SQL injection vulnerability that allows an authenticated attacker to manipulate the SQL query used when viewing OpenVPN connection logs via the CONNECTIONNAME parameter. When viewing a range of OpenVPN connection logs, the application issues...

7.1 CVSS | 0.00354 EPSS
Exploits 0 | References 3

OSV
added 2025/10/28 3:16 p.m. | 2 views

CVE-2025-34304

IPFire versions prior to 2.29 Core Update 198 contain a SQL injection vulnerability that allows an authenticated attacker to manipulate the SQL query used when viewing OpenVPN connection logs via the CONNECTIONNAME parameter. When viewing a range of OpenVPN connection logs, the application issues...

6.5 CVSS | 5.8 AI score | 0.00354 EPSS
Exploits 0 | References 3

Cvelist
added 2025/10/28 2:37 p.m. | 7 views

CVE-2025-34304 IPFire < v2.29 SQL Injection via OpenVPN Connection Logs

IPFire versions prior to 2.29 Core Update 198 contain a SQL injection vulnerability that allows an authenticated attacker to manipulate the SQL query used when viewing OpenVPN connection logs via the CONNECTIONNAME parameter. When viewing a range of OpenVPN connection logs, the application issues...

7.1 CVSS | 0.00354 EPSS
Exploits 0 | References 3

Vulnrichment
added 2025/10/28 2:37 p.m. | 3 views

CVE-2025-34304 IPFire < v2.29 SQL Injection via OpenVPN Connection Logs

IPFire versions prior to 2.29 Core Update 198 contain a SQL injection vulnerability that allows an authenticated attacker to manipulate the SQL query used when viewing OpenVPN connection logs via the CONNECTIONNAME parameter. When viewing a range of OpenVPN connection logs, the application issues...

7.1 CVSS | 7 AI score | 0.00354 EPSS
Exploits 0 | References 3

CVE
added 2025/10/28 2:37 p.m. | 9 views

CVE-2025-34304

IPFire

7.1 CVSS | 7 AI score | 0.00354 EPSS
Exploits 0 | References 3 | Affected Software 1

RedhatCVE
added 2025/10/28 1:49 p.m. | 7 views

CVE-2025-50055

Cross-site scripting (XSS) vulnerability in the SAML Authentication module in OpenVPN Access Server version 2.14.0 through 2.14.3 allows configured remote SAML Assertion Consumer Service (ACS) endpoint servers to inject arbitrary web script or HTML via the RelayState parameter...

6.4 CVSS | 6 AI score | 0.00204 EPSS
Exploits 0 | References 1

Positive Technologies
added 2025/10/28 12:0 a.m. | 5 views

PT-2025-44163

Name of the Vulnerable Software and Affected Versions: IPFire versions prior to 2.29 Core Update 198. Description: IPFire versions prior to 2.29 Core Update 198 contain a SQL injection issue. An authenticated attacker can manipulate the SQL query when viewing OpenVPN connection logs through the...

7.1 CVSS | 7.1 AI score | 0.00354 EPSS
Exploits 0 | References 5

Tenable Nessus
added 2025/10/28 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-10680

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenVPN 2.7alpha1 through 2.7beta1 on POSIX based platforms allows a remote authenticated server to inject shell commands via DNS variables when --dns-updown is...

8.8 CVSS | 8.6 AI score | 0.06932 EPSS
Exploits 0 | References 2

EUVD
added 2025/10/27 3:30 p.m. | 5 views

EUVD-2025-36169

Cross-site scripting (XSS) vulnerability in the SAML Authentication module in OpenVPN Access Server version 2.14.0 through 2.14.3 allows configured remote SAML Assertion Consumer Service (ACS) endpoint servers to inject arbitrary web script or HTML via the RelayState parameter...

5.5 AI score | 0.00204 EPSS
Exploits 0 | References 2