Vulnerabilities in SoftEther VPN
9 resultsCVE-2023-27395CRITICALA heap-based buffer overflow vulnerability exists in the vpnserver WpcParsePacket() functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674EPSS 1.4%CVE-2023-23581HIGHA denial-of-service vulnerability exists in the vpnserver EnSafeHttpHeaderValueStr functionality of SoftEther VPN 5.01.9674 and 5.02. A specEPSS 0.8%CVE-2023-31192MEDIUMAn information disclosure vulnerability exists in the ClientConnect() functionality of SoftEther VPN 5.01.9674. A specially crafted network EPSS 0.8%CVE-2023-22325MEDIUMA denial of service vulnerability exists in the DCRegister DDNS_RPC_MAX_RECV_SIZE functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 aEPSS 0.8%CVE-2023-25774HIGHA denial-of-service vulnerability exists in the vpnserver ConnectionAccept() functionality of SoftEther VPN 5.02. A set of specially craftedEPSS 0.7%CVE-2023-22308HIGHAn integer underflow vulnerability exists in the vpnserver OvsProcessData functionality of SoftEther VPN 5.01.9674 and 5.02. A specially craEPSS 0.7%CVE-2023-27516HIGHAn authentication bypass vulnerability exists in the CiRpcAccepted() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. A speciallEPSS 0.5%CVE-2023-32634HIGHAn authentication bypass vulnerability exists in the CiRpcServerThread() functionality of SoftEther VPN 5.01.9674 and 4.41-9782-beta. An attEPSS 0.4%CVE-2023-32275MEDIUMAn information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. Specially crafEPSS 0.4%