Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Pre-Auth EAP-TLS DoS on SoftEther VPN Developer Edition
Vulnerability Description
SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. In 5.2.5188 and earlier, a pre-authentication denial-of-service vulnerability exists in SoftEther VPN Developer Edition 5.2.5188 (and likely earlier versions of Developer Edition). An unauthenticated remote attacker can crash the vpnserver process by sending a single malformed EAP-TLS packet over raw L2TP (UDP/1701), terminating all active VPN sessions.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
未经控制的内存分配
Vulnerability Title
SoftEther VPN 安全漏洞
Vulnerability Description
SoftEther VPN是SoftEther开源的一款免费开源、跨平台、多协议的 VPN 软件。用于提供安全、灵活和高效的网络连接,绕过地理限制。 SoftEther VPN 5.2.5188及之前版本存在安全漏洞,该漏洞源于身份验证前处理畸形EAP-TLS数据包不当,可能导致拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A