Lucene search

35 matches found

CVE
added 2025/10/27 1:39 p.m. | 35 views

CVE-2025-50055

OpenVPN Access Server 2.14.0–2.14.3 exposes an XSS vulnerability in the SAML Authentication module via the RelayState parameter. The issue allows an attacker-controlled RelayState to inject arbitrary script/HTML, potentially leading to client-side impact. The CVE description in official records n...

6.4 CVSS | 5.6 AI score | 0.00185 EPSS
Exploits: 0 | References: 1
EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2018-2148

Malware in sbrugna...

8.1 CVSS | 8.1 AI score | 0.01049 EPSS
Exploits: 1 | References: 2
EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2022-47147

Malicious code in bioql PyPI...

9.8 CVSS | 9.4 AI score | 0.01091 EPSS
Exploits: 1 | References: 2
RedhatCVE
added 2025/05/23 2:2 a.m. | 7 views

CVE-2023-33621

GL.iNET GL-AR750S-Ext firmware v3.215 inserts the admin authentication token into a GET request when the OpenVPN Server config file is downloaded. The token is then left in the browser history or access logs, potentially allowing attackers to bypass authentication via session replay...

5.9 CVSS | 7.3 AI score | 0.00953 EPSS
Exploits: 1 | References: 1
Tenable Nessus
added 2025/04/04 12:0 a.m. | 25 views

OpenVPN Server versions 2.6.1 <= 2.6.13 DoS

OpenVPN from 2.6.1 through 2.6.13, set up with tls-crypt-v2, is affected by a denial of service vulnerability. A local attacker who can monitor network traffic can inject specially crafted packets during the tls-crypt-v2 handshake and corrupt the server...

7.5 CVSS | 6.3 AI score | 0.00784 EPSS
Exploits: 0 | References: 3
FreeBSD
added 2025/03/26 12:0 a.m. | 9 views

openvpn -- server-side denial-of-service vulnerability with tls-crypt-v2

Gert Doering reports: OpenVPN servers between 2.6.1 and 2.6.13 using --tls-crypt-v2 can be made to abort with an ASSERT message by sending a particular combination of authenticated and malformed packets. To trigger the bug, a valid tls-crypt-v2 client key is needed, or network observation of a...

7.5 CVSS | 7.6 AI score | 0.00784 EPSS
Exploits: 0 | References: 1
BDU FSTEC
added 2025/03/05 12:0 a.m. | 3 views

A vulnerability in the openvpn_server_setup() function of the openvpn.cgi script in the Wavlink AC3000 (WL-WN533A8) router firmware allows an attacker to bypass existing security restrictions.

The vulnerability in the openvpn_server_setup function of the openvpn.cgi script in the Wavlink AC3000 WL-WN533A8 router software is related to errors in system configuration or settings. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions by sending...

9.1 CVSS | 5.5 AI score | 0.01276 EPSS
Exploits: 1 | References: 3 | Affected Software: 1
BDU FSTEC
added 2025/03/05 12:0 a.m. | 4 views

A vulnerability in the openvpn_server_setup() function of the openvpn.cgi script in the Wavlink AC3000 (WL-WN533A8) router firmware allows an attacker to bypass existing security restrictions.

The vulnerability in the openvpn_server_setup function of the openvpn.cgi script in the Wavlink AC3000 WL-WN533A8 router software is related to errors in system configuration or settings. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions by sending...

9.1 CVSS | 7.7 AI score | 0.0183 EPSS
Exploits: 1 | References: 3 | Affected Software: 1
BDU FSTEC
added 2025/03/05 12:0 a.m. | 4 views

A vulnerability in the openvpn_server_setup() function of the openvpn.cgi script in the Wavlink AC3000 (WL-WN533A8) router firmware allows an attacker to bypass existing security restrictions.

The vulnerability in the openvpn_server_setup function of the openvpn.cgi script in the Wavlink AC3000 WL-WN533A8 router software is related to errors in system configuration or settings. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions by sending...

9.1 CVSS | 7.7 AI score | 0.0183 EPSS
Exploits: 1 | References: 3 | Affected Software: 1
OSV
added 2025/01/14 3:15 p.m. | 5 views

CVE-2024-39798

Multiple external config control vulnerabilities exist in the openvpn.cgi openvpn_server_setup functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these...

7.2 CVSS | 7.5 AI score | 0.0183 EPSS
Exploits: 1 | References: 2
CNNVD
added 2025/01/14 12:0 a.m. | 3 views

WAVLINK AC3000 security vulnerability

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from an external configuration control vulnerability that originates from the openport parameter of the openvpn.cgi openvpn_server_setup function failing to correctly filter special characters used to construct commands,...

9.1 CVSS | 7.5 AI score | 0.0183 EPSS
Exploits: 1 | References: 2
Tenable Nessus
added 2024/10/04 12:0 a.m. | 15 views

OpenVPN Server versions 2.6.0 <= 2.6.10 Session Extension Vulnerability

OpenVPN from 2.6.0 through 2.6.10 in a server role accepts multiple exit notifications from authenticated clients, which will extend the validity of a closing session. (Nessus script ID 208125, script version 1.3)...

9.3 CVSS | 6.1 AI score | 0.00671 EPSS
Exploits: 0 | References: 2
NVD
added 2023/06/13 4:15 p.m. | 13 views

CVE-2023-33621

GL.iNET GL-AR750S-Ext firmware v3.215 inserts the admin authentication token into a GET request when the OpenVPN Server config file is downloaded. The token is then left in the browser history or access logs, potentially allowing attackers to bypass authentication via session replay...

5.9 CVSS | 5.9 AI score | 0.00953 EPSS
Exploits: 1 | References: 3
Vulnrichment
added 2023/06/13 12:0 a.m. | 9 views

CVE-2023-33621

GL.iNET GL-AR750S-Ext firmware v3.215 inserts the admin authentication token into a GET request when the OpenVPN Server config file is downloaded. The token is then left in the browser history or access logs, potentially allowing attackers to bypass authentication via session replay...

7.2 AI score | 0.00953 EPSS
Exploits: 1 | References: 3
CNNVD
added 2023/06/13 12:0 a.m. | 3 views

GL.iNet GL-AR750S-Ext security vulnerability

The GL.iNet GL-AR750S-Ext is a wireless router from China's Guanglian Zhitong GL.iNet. A security vulnerability exists in the GL.iNet GL-AR750S-Ext version 3.215, which originates from the insertion of an administrator authentication token into a GET request when downloading the OpenVPN server...

5.9 CVSS | 6 AI score | 0.00953 EPSS
Exploits: 1 | References: 4
BDU FSTEC
added 2022/12/05 12:0 a.m. | 6 views

A buffer overflow vulnerability in the firmware of the NETGEAR R7000P router allows an attacker to execute arbitrary code.

The vulnerability in the firmware of the NETGEAR R7000P router is related to buffer overflow errors. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code through the openvpnserverip parameter...

10 CVSS | 8.5 AI score | 0.01091 EPSS
Exploits: 1 | References: 3 | Affected Software: 1
OSV
added 2022/11/22 2:15 p.m. | 5 views

CVE-2022-44199

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter openvpnserverip...

9.8 CVSS | 5.8 AI score
Exploits: 0 | References: 2
OSV
added 2022/11/22 2:15 p.m. | 1 views

CVE-2022-44197

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpnserverip...

9.8 CVSS | 5.8 AI score | 0.01091 EPSS
Exploits: 1 | References: 2
CNNVD
added 2022/11/22 12:0 a.m. | 2 views

NETGEAR R7000P buffer error vulnerability

NETGEAR R7000P is a wireless router from NETGEAR, Inc. NETGEAR R7000P firmware version V1.3.1.64 is vulnerable to a buffer overflow vulnerability caused by a lack of length validation of the data entered in the openvpnserverip parameter, which could be exploited by an attacker to cause a denial o...

9.8 CVSS | 8.2 AI score | 0.00967 EPSS
Exploits: 1 | References: 3
Cvelist
added 2022/11/22 12:0 a.m. | 19 views

CVE-2022-44197

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpnserverip...

9.7 AI score | 0.01091 EPSS
Exploits: 1 | References: 2