Published: 27/09/2021 Updated: 02/10/2021

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 694

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

furlongm openvpn-monitor up to and including 1.1.3 allows %0a command injection via the OpenVPN management interface socket. This can shut down the server via signal%20SIGTERM.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openvpn-monitor project openvpn-monitor

OpenVPN Monitor versions 113 and below suffer from an injection vulnerability that allows an attacker to inject arbitrary commands into the OpenVPN server management interface socket ...

Full Disclosure mailing list archives   By Date By Thread </form>    openvpn-monitor OpenVPN Management Socket Command Injection   Fro ...

ZoomEye-dork

ZoomEye-dork ZoomEye-dork [ZoomEye推荐搜索] CVE-2021-38647，OMI远程执行代码漏洞 ZoomEye dork搜索app:"OMI软件代理" 输入CVE编号：CVE-2021-38647也可以关联出ZoomEye dork wwwzoomeyeorg/searchResult?q=app%3A%22OMI%E8%BD%AF%E4%BB%B6%E4%BB%A3%E7%90%86%22 影响国家地区Top10:美国（38137）、中国（6265）、德国（5215）、�

CWE-77 http://packetstormsecurity.com/files/164278/OpenVPN-Monitor-1.1.3-Command-Injection.html https://github.com/furlongm/openvpn-monitor/releases https://nvd.nist.gov https://github.com/nday-ldgz/ZoomEye-dork http://seclists.org/fulldisclosure/2021/Sep/47

CVE-2021-31605

Vulnerability Summary

Vulnerability Trend

Exploits

Mailing Lists

Github Repositories

References

Vulmon Search

About

Products

Connect