29 matches found
CVE-2025-25566
The CVE-2025-25566 vulnerability affects SoftEtherVPN 5.02.5187 and is caused by a memory leak in the UnixMemoryAlloc function, leading to potential denial of service. Multiple connected sources confirm the affected software/version and the underlying cause; exploitation status and in-the-wild de...
PT-2025-11090 · Softether · Softether Vpn
Name of the Vulnerable Software and Affected Versions: SoftEtherVPN version 5.02.5187 Description: A memory leak issue exists in SoftEtherVPN 5.02.5187. This allows an attacker to potentially cause a denial of service by exploiting the UnixMemoryAlloc function. The supplier disputes the severity,...
CVE-2025-25566
Memory Leak vulnerability in SoftEtherVPN 5.02.5187 allows an attacker to cause a denial of service via the UnixMemoryAlloc function. NOTE: the Supplier disputes this because the behavior is limited to a single allocation of a few hundred bytes with a command-line tool...
CVE-2024-38520
SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. When SoftEtherVPN is deployed with L2TP enabled on a device, it introduces the possibility of the host being used for amplification/reflection traffic generation because it will respond to every packet with two response...
CVE-2024-38520 SoftEther VPN with L2TP - 2.75x Amplification
SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. When SoftEtherVPN is deployed with L2TP enabled on a device, it introduces the possibility of the host being used for amplification/reflection traffic generation because it will respond to every packet with two response...
CVE-2024-38520 SoftEther VPN with L2TP - 2.75x Amplification
SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. When SoftEtherVPN is deployed with L2TP enabled on a device, it introduces the possibility of the host being used for amplification/reflection traffic generation because it will respond to every packet with two response...
CVE-2024-38520
CVE-2024-38520 affects SoftEtherVPN when L2TP is enabled. The issue allows the host to be used for amplification/reflection traffic because the VPN responds to every packet with two responses larger than the request, enabling spoofed IPs to target a destination. The vulnerability is fixed in vers...
CVE-2024-38520 SoftEther VPN with L2TP - 2.75x Amplification
SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. When SoftEtherVPN is deployed with L2TP enabled on a device, it introduces the possibility of the host being used for amplification/reflection traffic generation because it will respond to every packet with two response...
FreeBSD : SoftEtherVPN -- multiple vulnerabilities (d821956f-1753-11ee-ad66-1c61b4739ac9)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the d821956f-1753-11ee-ad66-1c61b4739ac9 advisory. - Daiyuu Nobori reports: The SoftEther VPN project received a high level code review and...