The vulnerability of the `set_openvpn_client` function in the Milesight UR32L router software allows a hacker to execute arbitrary code.

The vulnerability of the setopenvpnclient function in the Milesight UR32L router microprogramming system is caused by a stack-based buffer overflow. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

ASUS RT-AX88U Formatting String Error Vulnerability

The ASUS RT-AX88U is a wireless router from ASUS in China. The ASUS RT-AX88U suffers from a Formatting String Error vulnerability, which stems from a vulnerability in the Advanced Open VPN feature that uses an externally controllable format string, which can be exploited by an attacker with an...

The vulnerability of the set_openvpn_client function in the Milesight UR32L router software allows a hacker to execute arbitrary code.

The vulnerability of the setopenvpnclient function in the Milesight UR32L router microprogramming system is caused by a stack-based buffer overflow. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

The vulnerability of the `set_openvpn_client` function in the Milesight UR32L router software allows a hacker to execute arbitrary code.

The vulnerability of the setopenvpnclient function in the Milesight UR32L router microprogramming system is caused by a stack-based buffer overflow. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

openvpn -- 2.6.0...2.6.6 --fragment option division by zero crash, and TLS data leak

The OpenVPN community project team reports: CVE-2023-46849 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly restore "--fragment" configuration in some circumstances, leading to a division by zero when "--fragment" is used. On platforms where division by zero is fatal, this will cause an OpenV...

SUSE CVE-2020-20813

Control Channel in OpenVPN 2.4.7 and earlier allows remote attackers to cause a denial of service via crafted reset packet...

CVE-2020-20813

Control Channel in OpenVPN 2.4.7 and earlier allows remote attackers to cause a denial of service via crafted reset packet...

CVE-2020-20813

Control Channel in OpenVPN 2.4.7 and earlier allows remote attackers to cause a denial of service via crafted reset packet...

CVE-2020-20813

Control Channel in OpenVPN 2.4.7 and earlier allows remote attackers to cause a denial of service via crafted reset packet...

Hardcoded credentials

Control Channel in OpenVPN 2.4.7 and earlier allows remote attackers to cause a denial of service via crafted reset packet...

UBUNTU-CVE-2020-20813

Control Channel in OpenVPN 2.4.7 and earlier allows remote attackers to cause a denial of service via crafted reset packet...

CVE-2020-20813

Control Channel in OpenVPN 2.4.7 and earlier allows remote attackers to cause a denial of service via crafted reset packet...

OpenVPN 安全漏洞

OpenVPN is a software package for creating encrypted tunnels for Virtual Private Networks VPNs from the US-based OpenVPN, which uses the OpenSSL library to encrypt data and control information and allows the created VPN to be authenticated using a public key, an electronic certificate, or a...

CVE-2020-20813

Control Channel in OpenVPN 2.4.7 and earlier allows remote attackers to cause a denial of service via crafted reset packet...

PT-2023-11564 · Openvpn · Openvpn

Name of the Vulnerable Software and Affected Versions: OpenVPN versions 2.4.7 and earlier Description: The issue allows remote attackers to cause a denial of service via crafted reset packets. This is related to the Control Channel in OpenVPN. Recommendations: For OpenVPN versions 2.4.7 and...

CVE-2020-20813

CVE-2020-20813 affects OpenVPN 2.4.7 and earlier. The vulnerability lies in the control channel, allowing a remote attacker to cause a denial of service by sending a crafted reset packet over the network. The entry notes a high severity (CVSSv3.1: 7.5) with network attack vector and no user inter...

CVE-2023-35838

The WireGuard client 0.5.3 on Windows insecurely configures the operating system and firewall such that traffic to a local network that uses non-RFC1918 IP addresses is blocked. This allows an adversary to trick the victim into blocking IP traffic to selected IP addresses and services even while...

CVE-2023-36671

An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel even if this traffic is not generated by the VPN client. Thi...

CVE-2023-36672

An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that traffic to the local network is sent in plaintext outside the VPN tunnel even if the local network is using a non-RFC1918 IP subnet. This allows an...

CVE-2022-46782

An issue was discovered in Stormshield SSL VPN Client before 3.2.0. A logged-in user, able to only launch the VPNSSL Client, can use the OpenVPN instance to execute malicious code as administrator on the local machine...