exploitDog

CVE-2023-22308

Опубликовано: 12 окт. 2023

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

An integer underflow vulnerability exists in the vpnserver OvsProcessData functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.

Ссылки

https://talosintelligence.com/vulnerability_reports/TALOS-2023-1737
Exploit
Third Party Advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1737
Exploit
Third Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1737

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:softether:vpn:5.01.9674:*:*:*:*:*:*:*

cpe:2.3:a:softether:vpn:5.02:*:*:*:*:*:*:*

EPSS

Процентиль: 26%

0.0009

Низкий

7.5 High

CVSS3

Дефекты

CWE-191

CWE-191

Связанные уязвимости

GHSA-8x86-h5jc-fg6v

CVSS3: 7.5

github

больше 2 лет назад

An integer underflow vulnerability exists in the vpnserver OvsProcessData functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.

EPSS

Процентиль: 26%

0.0009

Низкий

7.5 High

CVSS3

Дефекты

CWE-191

CWE-191