cpe:2.3:a:openvpn:openvpn:2.4.0:*:*:*:*:*:*:*
OpenVPN before version 2.5.3 on Windows allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process (openvpn.exe).
Max CVSS
7.8
EPSS Score
0.07%
Published
2021-07-02
Updated
2021-07-09
OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks.
Max CVSS
7.5
EPSS Score
2.06%
Published
2021-04-26
Updated
2022-08-05
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!