CVE-2023-27516
https://notcve.org/view.php?id=CVE-2023-27516
An authentication bypass vulnerability exists in the CiRpcAccepted() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. A specially crafted network packet can lead to unauthorized access. An attacker can send a network request to trigger this vulnerability. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1754 https://www.softether.org/9-about/News/904-SEVPN202301 • CWE-453: Insecure Default Variable Initialization CWE-1188: Initialization of a Resource with an Insecure Default
CVE-2023-32634
https://notcve.org/view.php?id=CVE-2023-32634
An authentication bypass vulnerability exists in the CiRpcServerThread() functionality of SoftEther VPN 5.01.9674 and 4.41-9782-beta. An attacker can perform a local man-in-the-middle attack to trigger this vulnerability. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1755 https://www.softether.org/9-about/News/904-SEVPN202301 • CWE-300: Channel Accessible by Non-Endpoint
CVE-2023-31192
https://notcve.org/view.php?id=CVE-2023-31192
An information disclosure vulnerability exists in the ClientConnect() functionality of SoftEther VPN 5.01.9674. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can perform a man-in-the-middle attack to trigger this vulnerability. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1768 https://www.softether.org/9-about/News/904-SEVPN202301 • CWE-457: Use of Uninitialized Variable CWE-908: Use of Uninitialized Resource
CVE-2023-36672
https://notcve.org/view.php?id=CVE-2023-36672
An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that traffic to the local network is sent in plaintext outside the VPN tunnel even if the local network is using a non-RFC1918 IP subnet. This allows an adversary to trick the victim into sending arbitrary IP traffic in plaintext outside the VPN tunnel. NOTE: the tunnelcrack.mathyvanhoef.com website uses this CVE ID to refer more generally to "LocalNet attack resulting in leakage of traffic in plaintext" rather than to only Clario. • https://clario.co/vpn-for-mac https://mullvad.net/de/blog/2023/8/9/response-to-tunnelcrack-vulnerability-disclosure https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0015 https://tunnelcrack.mathyvanhoef.com/details.html • CWE-319: Cleartext Transmission of Sensitive Information
CVE-2023-36671
https://notcve.org/view.php?id=CVE-2023-36671
An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel even if this traffic is not generated by the VPN client. This allows an adversary to trick the victim into sending plaintext traffic to the VPN server's IP address and thereby deanonymize the victim. NOTE: the tunnelcrack.mathyvanhoef.com website uses this CVE ID to refer more generally to "ServerIP attack for only traffic to the real IP address of the VPN server" rather than to only Clario. • https://clario.co/vpn-for-mac https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0015 https://tunnelcrack.mathyvanhoef.com/details.html • CWE-319: Cleartext Transmission of Sensitive Information