CVE-2014-9755
The CVE concerns Viprinet MultichannelVPN Router 300 hardware VPN client versions 2013070830/2013080900. The root cause is failure to validate the remote VPN endpoint identity by checking the endpoint’s SSL key before initiating the exchange, enabling a replay attack. Affected component: hardware...