11 matches found
CVE-2026-24902
TrustTunnel is an open-source VPN protocol with a server-side request forgery and and private network restriction bypass in versions prior to 0.9.114. In tcpforwarder.rs, SSRF protection for allowprivatenetworkconnections = false was only applied in the TcpDestination::HostNamepeer path. The...
CVE-2026-24902 TrustTunnel has SSRF and private network restriction bypass via numeric address destinations
TrustTunnel is an open-source VPN protocol with a server-side request forgery and and private network restriction bypass in versions prior to 0.9.114. In tcpforwarder.rs, SSRF protection for allowprivatenetworkconnections = false was only applied in the TcpDestination::HostNamepeer path. The...
CVE-2026-24902
TrustTunnel is an open-source VPN protocol with a server-side request forgery and and private network restriction bypass in versions prior to 0.9.114. In tcpforwarder.rs, SSRF protection for allowprivatenetworkconnections = false was only applied in the TcpDestination::HostNamepeer path. The...
CVE-2026-24902
TrustTunnel contains a SSRF and private network bypass in versions before 0.9.114. In tcp_forwarder.rs, SSRF protection for allow_private_network_connections = false was only applied in the TcpDestination::HostName(peer) path; the TcpDestination::Address(peer) path forwarded to TcpStream::connect...
CVE-2026-24904 TrustTunnel has `client_random_prefix` rule bypass via fragmented or partial TLS ClientHello
TrustTunnel is an open-source VPN protocol with a rule bypass issue in versions prior to 0.9.115. In tlslistener.rs, TlsListener::listen peeks 1024 bytes and calls extractclientrandom.... If parsetlsplaintext fails for example, a fragmented/partial ClientHello split across TCP writes,...
EUVD-2026-4949
TrustTunnel is an open-source VPN protocol with a rule bypass issue in versions prior to 0.9.115. In tlslistener.rs, TlsListener::listen peeks 1024 bytes and calls extractclientrandom.... If parsetlsplaintext fails for example, a fragmented/partial ClientHello split across TCP writes,...
CVE-2026-24904
CVE-2026-24904 concerns TrustTunnel, an open‑source VPN protocol. The issue arises prior to version 0.9.115 where a rule-by-prefix bypass could occur: in tls_listener.rs, TlsListener::listen() peeks 1024 bytes and calls extract_client_random(...). If parse_tls_plaintext fails (e.g., fragmented/pa...
CVE-2026-24904 TrustTunnel has `client_random_prefix` rule bypass via fragmented or partial TLS ClientHello
TrustTunnel is an open-source VPN protocol with a rule bypass issue in versions prior to 0.9.115. In tlslistener.rs, TlsListener::listen peeks 1024 bytes and calls extractclientrandom.... If parsetlsplaintext fails for example, a fragmented/partial ClientHello split across TCP writes,...
PT-2026-5355
Name of the Vulnerable Software and Affected Versions TrustTunnel versions prior to 0.9.114 Description TrustTunnel, an open-source VPN protocol, contains a server-side request forgery and private network restriction bypass. The issue stems from insufficient SSRF protection within the tcp...
TrustTunnel code-related vulnerabilities
TrustTunnel is an open-source VPN protocol software developed by TrustTunnel. Versions of TrustTunnel prior to 0.9.114 contained code vulnerabilities due to incomplete SSRF protection. These vulnerabilities could allow bypassing private network restrictions and accessing loopback addresses or...
TrustTunnel access control error vulnerability
TrustTunnel is an open-source VPN protocol software developed by TrustTunnel. Versions of TrustTunnel prior to 0.9.115 contained a access control vulnerability, which stemmed from defects in the rule evaluation logic. This vulnerability could cause rules that rely on matching with the...