Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2021-31606

Published: 27/09/2021 Updated: 22/12/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Openvpn-monitor

Vulnerability Summary

furlongm openvpn-monitor up to and including 1.1.3 allows Authorization Bypass to disconnect arbitrary clients.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

openvpn-monitor project openvpn-monitor

Exploits

Exploit DB: OpenVPN Monitor 1.1.3 Authorization Bypass / Denial Of Service
OpenVPN Monitor versions 113 and below suffer from an authorization bypass vulnerability that allows an attacker to disconnect arbitrary clients, even if the disconnect feature is disabled ...
Exploit DB: OpenVPN Monitor 1.1.3 Cross Site Request Forgery
OpenVPN Monitor versions 113 and below suffer from a cross site request forgery vulnerability that allows an attacker to disconnect arbitrary VPN clients ...
Exploit DB: OpenVPN Monitor 1.1.3 Command Injection
OpenVPN Monitor versions 113 and below suffer from an injection vulnerability that allows an attacker to inject arbitrary commands into the OpenVPN server management interface socket ...

Mailing Lists

Full Disclosure: openvpn-monitor OpenVPN Management Socket Command Injection
<!--X-Body-Begin--> <!--X-User-Header--> Full Disclosure mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> openvpn-monitor OpenVPN Management Socket Command Injection <!--X-Subject-Header-End--> <!--X-Head-of-Message--> Fro ...

References

CWE-287http://packetstormsecurity.com/files/164274/OpenVPN-Monitor-1.1.3-Authorization-Bypass-Denial-Of-Service.htmlhttps://github.com/furlongm/openvpn-monitor/releaseshttps://github.com/furlongm/openvpn-monitor/commit/ddb9d31ef0ec56f578bdacf99ebe9d68455ed8cahttps://nvd.nist.govhttp://seclists.org/fulldisclosure/2021/Sep/47
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21991CVE-2024-32674path traversalCVE-2023-21987denial of servicedosCVE-2024-4647CVE-2024-25519CVE-2024-33612
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook