CVE-2023-27516

2023-10-1215:27:52

CWE-453

talos

github.com

authentication

softether vpn

vulnerability

network packet

unauthorized access

attacker

network request

CVSS3

7.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

AI Score

6.9

Confidence

Low

SSVC

Exploitation

poc

Automatable

Technical Impact

partial

JSON

An authentication bypass vulnerability exists in the CiRpcAccepted() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. A specially crafted network packet can lead to unauthorized access. An attacker can send a network request to trigger this vulnerability.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:softether:vpn:4.41-9782:beta:*:*:*:*:*:*"
    ],
    "vendor": "softether",
    "product": "vpn",
    "versions": [
      {
        "status": "affected",
        "version": "4.41-9782"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:a:softether:vpn:5.01.9674:*:*:*:*:*:*:*"
    ],
    "vendor": "softether",
    "product": "vpn",
    "versions": [
      {
        "status": "affected",
        "version": "5.01.9674"
      }
    ],
    "defaultStatus": "unknown"
  }
]