Описание
A denial of service vulnerability exists in the DCRegister DDNS_RPC_MAX_RECV_SIZE functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.
Ссылки
- ExploitThird Party Advisory
- PatchVendor Advisory
- ExploitThird Party Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:softether:vpn:4.41-9782:beta:*:*:*:*:*:*
cpe:2.3:a:softether:vpn:5.01.9674:*:*:*:*:*:*:*
cpe:2.3:a:softether:vpn:5.02:*:*:*:*:*:*:*
EPSS
Процентиль: 54%
0.00315
Низкий
5.9 Medium
CVSS3
Дефекты
CWE-835
CWE-835
Связанные уязвимости
CVSS3: 5.9
github
больше 2 лет назад
A denial of service vulnerability exists in the DCRegister DDNS_RPC_MAX_RECV_SIZE functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.
CVSS3: 5.9
fstec
больше 2 лет назад
Уязвимость функции DCRegister VPN-клиента SoftEther VPN, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
Процентиль: 54%
0.00315
Низкий
5.9 Medium
CVSS3
Дефекты
CWE-835
CWE-835