Lucene search
+L

5 matches found

NVD
NVD
added 2021/09/24 3:15 a.m.18 views

CVE-2021-41583

vpn-user-portal aka eduVPN or Let's Connect! before 2.3.14, as packaged for Debian 10, Debian 11, and Fedora, allows remote authenticated users to obtain OS filesystem access, because of the interaction of QR codes with an exec that uses the -r option. This can be leveraged to obtain additional V...

9CVSS0.01816EPSS
Exploits0References2
Prion
Prion
added 2021/09/24 3:15 a.m.17 views

Code injection

vpn-user-portal aka eduVPN or Let's Connect! before 2.3.14, as packaged for Debian 10, Debian 11, and Fedora, allows remote authenticated users to obtain OS filesystem access, because of the interaction of QR codes with an exec that uses the -r option. This can be leveraged to obtain additional V...

9CVSS8.3AI score0.01816EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/09/24 2:22 a.m.49 views

CVE-2021-41583

vpn-user-portal (eduVPN/Let's Connect!) before 2.3.14, as packaged for Debian 10/11 and Fedora, allows remote authenticated users to obtain OS filesystem access due to the interaction of QR codes with an exec that uses the -r option. This can be leveraged to obtain additional VPN access. Affected...

9CVSS6.2AI score0.01816EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2021/09/24 12:0 a.m.5 views

PT-2021-4477 · Unknown · Vpn-User-Portal

Name of the Vulnerable Software and Affected Versions: vpn-user-portal versions prior to 2.3.14 Description: The issue arises from insufficient input validation in the vpn-user-portal software, allowing remote authenticated users to obtain OS filesystem access due to the interaction of QR codes...

9CVSS6.5AI score0.01816EPSS
Exploits0References9
CNNVD
CNNVD
added 2021/09/24 12:0 a.m.5 views

Commons Conservancy eduVPN 输入验证错误漏洞

Commons Conservancy eduVPN is a project of the Commons Conservancy Foundation for secure Internet access for R&E. Commons Conservancy eduVPN suffers from an input validation error vulnerability that stems from vpn-user-portal on Debian 10, Debian 11, and Fedora prior to version 2.3.14 Due to a QR...

9CVSS6.7AI score0.01816EPSS
Exploits0References3
Rows per page
Query Builder