CVE-2021-31605 – OpenVPN Monitor 1.1.3 Command Injection
https://notcve.org/view.php?id=CVE-2021-31605
furlongm openvpn-monitor through 1.1.3 allows %0a command injection via the OpenVPN management interface socket. This can shut down the server via signal%20SIGTERM. furlongm openvpn-monitor versiones hasta 1.1.3, permite una inyección de comandos %0a por medio del socket de la interfaz de administración de OpenVPN. Esto puede apagar el servidor por medio de signal%20SIGTERM OpenVPN Monitor versions 1.1.3 and below suffer from an injection vulnerability that allows an attacker to inject arbitrary commands into the OpenVPN server management interface socket. • http://packetstormsecurity.com/files/164278/OpenVPN-Monitor-1.1.3-Command-Injection.html https://github.com/furlongm/openvpn-monitor/releases • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2021-31606 – OpenVPN Monitor 1.1.3 Authorization Bypass / Denial Of Service
https://notcve.org/view.php?id=CVE-2021-31606
furlongm openvpn-monitor through 1.1.3 allows Authorization Bypass to disconnect arbitrary clients. furlongm openvpn-monitor versiones hasta 1.1.3 permite una Omisión de Autorización para desconectar clientes arbitrarios OpenVPN Monitor versions 1.1.3 and below suffer from an authorization bypass vulnerability that allows an attacker to disconnect arbitrary clients, even if the disconnect feature is disabled. • http://packetstormsecurity.com/files/164274/OpenVPN-Monitor-1.1.3-Authorization-Bypass-Denial-Of-Service.html https://github.com/furlongm/openvpn-monitor/commit/ddb9d31ef0ec56f578bdacf99ebe9d68455ed8ca https://github.com/furlongm/openvpn-monitor/releases • CWE-287: Improper Authentication •
CVE-2021-3824
https://notcve.org/view.php?id=CVE-2021-3824
OpenVPN Access Server 2.9.0 through 2.9.4 allow remote attackers to inject arbitrary web script or HTML via the web login page URL. OpenVPN Access Server versiones 2.9.0 hasta 2.9.4, permiten a atacantes remotos inyectar script web o HTML arbitrario por medio de la URL de la página de inicio de sesión • https://openvpn.net/vpn-server-resources/release-notes/#openvpn-access-server-2-9-5 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-84: Improper Neutralization of Encoded URI Schemes in a Web Page •
CVE-2021-3547
https://notcve.org/view.php?id=CVE-2021-3547
OpenVPN 3 Core Library version 3.6 and 3.6.1 allows a man-in-the-middle attacker to bypass the certificate authentication by issuing an unrelated server certificate using the same hostname found in the verify-x509-name option in a client configuration. OpenVPN 3 Core Library versiones 3.6 y 3.6.1, permiten a un atacante tipo "man-in-the-middle" omitir la autenticación de certificados al emitir un certificado de servidor no relacionado usando el mismo nombre de host encontrado en la opción verify-x509-name en la configuración de un cliente • https://community.openvpn.net/openvpn/wiki/CVE-2021-3547 https://community.openvpn.net/openvpn/wiki/SecurityAnnouncements • CWE-295: Improper Certificate Validation CWE-305: Authentication Bypass by Primary Weakness •
CVE-2021-3606
https://notcve.org/view.php?id=CVE-2021-3606
OpenVPN before version 2.5.3 on Windows allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process (openvpn.exe). OpenVPN versiones anteriores a 2.5.3 en Windows permite a usuarios locales cargar bibliotecas arbitrarias de carga dinámica por medio de un archivo de configuración de OpenSSL si está presente, permitiendo a un usuario ejecutar código arbitrario con el mismo nivel de privilegio que el proceso principal de OpenVPN (openvpn.exe) • https://community.openvpn.net/openvpn/wiki/CVE-2021-3606 https://community.openvpn.net/openvpn/wiki/SecurityAnnouncements • CWE-427: Uncontrolled Search Path Element •