Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openvpn vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-36609
The affected TBox RTUs run OpenVPN with root privileges and can run user defined configuration scripts. An attacker could set up a local OpenVPN server and push a malicious script onto the TBox host to acquire root privileges.
Ovarro Tbox Ms-cpu32 Firmware
Ovarro Tbox Ms-cpu32-s2 Firmware
Ovarro Tbox Lt2 Firmware
Ovarro Tbox Tg2 Firmware
Ovarro Tbox Rm2 Firmware
NA
CVE-2023-46456
In GL.iNET GL-AR300M routers with firmware 3.216 it is possible to inject arbitrary shell commands through the OpenVPN client file upload functionality.
Gl-inet Gl-ar300m Firmware 3.216
1 Github repository
NA
CVE-2023-7235
The OpenVPN GUI installer before version 2.6.9 did not set the proper access control restrictions to the installation directory of OpenVPN binaries when using a non-standard installation path, which allows an malicious user to replace binaries to run arbitrary executables.
NA
CVE-2023-32348
Teltonika’s Remote Management System versions before 4.10.0 contain a virtual private network (VPN) hub feature for cross-device communication that uses OpenVPN. It connects new devices in a manner that allows the new device to communicate with all Teltonika devices connec...
Teltonika Remote Management System
801
VMScore
CVE-2018-9105
NordVPN 3.3.10 for macOS suffers from a root privilege escalation vulnerability. The vulnerability stems from its privileged helper tool's implemented XPC service. This XPC service is responsible for receiving and processing new OpenVPN connection requests from the main appl...
Nordvpn Nordvpn 3.3.10
605
VMScore
CVE-2018-10066
An issue exists in MikroTik RouterOS 6.41.4. Missing OpenVPN server certificate verification allows a remote unauthenticated attacker capable of intercepting client traffic to act as a malicious OpenVPN server. This may allow the malicious user to gain access to the client's...
Mikrotik Routeros 6.41.4
NA
CVE-2024-1305
OpenVPN Security fixes: Windows TAP driver: Fix potential integer overflow in !TapSharedSendPacket.
605
VMScore
CVE-2017-17809
In Golden Frog VyprVPN prior to 2.15.0.5828 for macOS, the vyprvpnservice launch daemon has an unprotected XPC service that allows malicious users to update the underlying OpenVPN configuration and the arguments passed to the OpenVPN binary when executed. An attacker can abuse th...
Goldenfrog Vyprvpn
NA
CVE-2024-24974
OpenVPN Security fixes: Windows: disallow access to the interactive service pipe from remote computers.
668
VMScore
CVE-2021-3773
A flaw in netfilter could allow a network-connected malicious user to infer openvpn connection endpoint information for further use in traditional network attacks.
Linux Linux Kernel
Fedoraproject Fedora 34
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Policy 22.2.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »