Vpn Security Vulnerabilities and Issues — Vpn CVE List

Lucene search

SoftetherVpn

4 matches found

CVE•added 2023/10/12 4:15 p.m.•61 views

CVE-2023-27395

A heap-based buffer overflow vulnerability exists in the vpnserver WpcParsePacket() functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A specially crafted network packet can lead to arbitrary code execution. An attacker can perform a man-in-the-middle attack to trigger this vulnerab...

9CVSS8.3AI score0.00562EPSS

CVE•added 2025/03/12 4:15 p.m.•60 views

CVE-2025-25565

SoftEther VPN 5.02.5187 is vulnerable to Buffer Overflow in the Command.c file via the PtMakeCert and PtMakeCert2048 functions. NOTE: the Supplier disputes this because the behavior only allows a user to attack himself by typing a long string on a command line.

9.8CVSS6.5AI score0.00088EPSS

CVE•added 2025/03/12 4:15 p.m.•53 views

CVE-2025-25567

SoftEther VPN 5.02.5187 is vulnerable to Buffer Overflow in Internat.c via the UniToStrForSingleChars function. NOTE: the Supplier disputes this because the behavior only enables a local user to attack himself through the UI,

9.8CVSS6.2AI score0.00088EPSS

CVE•added 2025/03/12 4:15 p.m.•49 views

CVE-2025-25568

SoftEtherVPN 5.02.5187 is vulnerable to Use after Free in the Command.c file via the CheckNetworkAcceptThread function. NOTE: the Supplier disputes this because the use-after-free is not in the VPN software, but is instead in a separate tool that has no untrusted input and runs under the user's own...

9.8CVSS6.7AI score0.00088EPSS