CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-20813
https://notcve.org/view.php?id=CVE-2020-20813
22 Aug 2023 — Control Channel in OpenVPN 2.4.7 and earlier allows remote attackers to cause a denial of service via crafted reset packet. El componente Control Channel de OpenVPN v2.4.7 y anteriores permite a atacantes remotos provocar una denegación de servicio a través de un paquete de restablecimiento manipulado. • https://www.freebuf.com/vuls/215171.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-0547 – Ubuntu Security Notice USN-6850-1
https://notcve.org/view.php?id=CVE-2022-0547
18 Mar 2022 — OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials. OpenVPN versiones 2.1 hasta v2.4.12 y versión v2.5.6, puede permitir una omisión de autenticación en los complementos de autenticación externa cuando más de uno de ellos hace uso de las respuestas de autenticación diferida, lo que permite qu... • https://community.openvpn.net/openvpn/wiki/CVE-2022-0547 • CWE-287: Improper Authentication CWE-305: Authentication Bypass by Primary Weakness •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-3606
https://notcve.org/view.php?id=CVE-2021-3606
02 Jul 2021 — OpenVPN before version 2.5.3 on Windows allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process (openvpn.exe). OpenVPN versiones anteriores a 2.5.3 en Windows permite a usuarios locales cargar bibliotecas arbitrarias de carga dinámica por medio de un archivo de configuración de OpenSSL si está presente, permitiendo a un usuario ejecutar código arbitrario... • https://community.openvpn.net/openvpn/wiki/CVE-2021-3606 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2020-15078 – Gentoo Linux Security Advisory 202105-25
https://notcve.org/view.php?id=CVE-2020-15078
26 Apr 2021 — OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks. OpenVPN versiones 2.5.1 y anteriores, permiten a atacantes remotos omitir la autenticación y los datos del canal de control de acceso en servidores configurados con autenticación diferida, que pueden ser usados para desencadenar potencialmente más fugas de información It wa... • https://community.openvpn.net/openvpn/wiki/CVE-2020-15078 • CWE-305: Authentication Bypass by Primary Weakness CWE-306: Missing Authentication for Critical Function •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-27569
https://notcve.org/view.php?id=CVE-2020-27569
21 Apr 2021 — Arbitrary File Write exists in Aviatrix VPN Client 2.8.2 and earlier. The VPN service writes logs to a location that is world writable and can be leveraged to gain write access to any file on the system. Se presenta una Escritura de Archivos Arbitraria en Aviatrix VPN Client versiones 2.8.2 y anteriores. El servicio VPN escribe registros en una ubicación que es de tipo world writable y puede ser aprovechado para conseguir acceso de escritura a cualquier archivo del sistema • https://docs.aviatrix.com/HowTos/security_bulletin_article.html#openvpn-abitrary-file-write • CWE-276: Incorrect Default Permissions •
CVSS: 4.3EPSS: 2%CPEs: 6EXPL: 1CVE-2020-11810 – Ubuntu Security Notice USN-4933-1
https://notcve.org/view.php?id=CVE-2020-11810
27 Apr 2020 — An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2 (P_DATA_V2) packet using a victim's peer-id. Normally such packets are dropped, but if this packet arrives before the data channel crypto parameters have been initialized, the victim's connection will be dropped. This requires careful timing due to the small time window (usually within a few seconds) between the victim client connection starting and the server PUSH_REPLY response back to the client. This attack w... • https://bugzilla.suse.com/show_bug.cgi?id=1169925 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-7224
https://notcve.org/view.php?id=CVE-2020-7224
16 Apr 2020 — The Aviatrix OpenVPN client through 2.5.7 on Linux, macOS, and Windows is vulnerable when OpenSSL parameters are altered from the issued value set; the parameters could allow unauthorized third-party libraries to load. El cliente Aviatrix OpenVPN versiones hasta 2.5.7 en Linux, macOS y Windows, es vulnerable cuando los parámetros OpenSSL son alterados a partir de un conjunto de valores emitidos; los parámetros podrían permitir que se carguen bibliotecas de terceros no autorizadas. • https://docs.aviatrix.com/#security-bulletin •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2018-9336 – Slackware Security Advisory - openvpn Updates
https://notcve.org/view.php?id=CVE-2018-9336
27 Apr 2018 — openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local attacker to cause a double-free of memory by sending a malformed request to the interactive service. This could cause a denial-of-service through memory corruption or possibly have unspecified other impact including privilege escalation. openvpnserv.exe (también conocido como interactive service helper) en OpenVPN en versiones 2.4.x anteriores a la 2.4.6 permite que un atacante local provoque una doble liberaci... • http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.568761 • CWE-415: Double Free •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 1CVE-2018-7544
https://notcve.org/view.php?id=CVE-2018-7544
16 Mar 2018 — A cross-protocol scripting issue was discovered in the management interface in OpenVPN through 2.4.5. When this interface is enabled over TCP without a password, and when no other clients are connected to this interface, attackers can execute arbitrary management commands, obtain sensitive information, or cause a denial of service (SIGTERM) by triggering XMLHttpRequest actions in a web browser. This is demonstrated by a multipart/form-data POST to http://localhost:23000 with a "signal SIGTERM" command in a ... • http://blog.0xlabs.com/2018/03/openvpn-remote-information-disclosure.html • CWE-134: Use of Externally-Controlled Format String •
CVSS: 9.8EPSS: 5%CPEs: 3EXPL: 0CVE-2017-12166 – Ubuntu Security Notice USN-7340-1
https://notcve.org/view.php?id=CVE-2017-12166
03 Oct 2017 — OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution. OpenVPN en versiones anteriores a la 2.3.3 y en versiones 2.4.x anteriores a la 2.4.4 es vulnerable a undesbordamiento de búfer cuando se utiliza key-method 1, lo que puede provocar la ejecución de código. It was discovered that OpenVPN did not perform proper input validation when generating a TLS key under certain configuration, which could ... • http://www.securityfocus.com/bid/101153 • CWE-787: Out-of-bounds Write •