Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
6 vulnerabilities found for SoftEtherVPN by SoftEtherVPN
CVE-2026-39312 (GCVE-0-2026-39312)
Vulnerability from nvd – Published: 2026-04-07 16:52 – Updated: 2026-04-07 17:27
VLAI?
Title
Pre-Auth EAP-TLS DoS on SoftEther VPN Developer Edition
Summary
SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. In 5.2.5188 and earlier, a pre-authentication denial-of-service vulnerability exists in SoftEther VPN Developer Edition 5.2.5188 (and likely earlier versions of Developer Edition). An unauthenticated remote attacker can crash the vpnserver process by sending a single malformed EAP-TLS packet over raw L2TP (UDP/1701), terminating all active VPN sessions.
Severity ?
7.5 (High)
CWE
- CWE-789 - Memory Allocation with Excessive Size Value
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SoftEtherVPN | SoftEtherVPN |
Affected:
<= 5.2.5188
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-39312",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-07T17:27:13.530375Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T17:27:16.498Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/SoftEtherVPN/SoftEtherVPN/security/advisories/GHSA-q5g3-qhc6-pr3h"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SoftEtherVPN",
"vendor": "SoftEtherVPN",
"versions": [
{
"status": "affected",
"version": "\u003c= 5.2.5188"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. In 5.2.5188 and earlier, a pre-authentication denial-of-service vulnerability exists in SoftEther VPN Developer Edition 5.2.5188 (and likely earlier versions of Developer Edition). An unauthenticated remote attacker can crash the vpnserver process by sending a single malformed EAP-TLS packet over raw L2TP (UDP/1701), terminating all active VPN sessions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-789",
"description": "CWE-789: Memory Allocation with Excessive Size Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T16:52:08.172Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/SoftEtherVPN/SoftEtherVPN/security/advisories/GHSA-q5g3-qhc6-pr3h",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/SoftEtherVPN/SoftEtherVPN/security/advisories/GHSA-q5g3-qhc6-pr3h"
}
],
"source": {
"advisory": "GHSA-q5g3-qhc6-pr3h",
"discovery": "UNKNOWN"
},
"title": "Pre-Auth EAP-TLS DoS on SoftEther VPN Developer Edition"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-39312",
"datePublished": "2026-04-07T16:52:08.172Z",
"dateReserved": "2026-04-06T19:31:07.265Z",
"dateUpdated": "2026-04-07T17:27:16.498Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-32787 (GCVE-0-2025-32787)
Vulnerability from nvd – Published: 2025-04-16 21:41 – Updated: 2025-04-17 13:15
VLAI?
Title
SoftEtherVPN Affected by NULL dereference in DeleteIPv6DefaultRouterInRA
Summary
SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. Versions 5.02.5184 to 5.02.5187 are vulnerable to NULL dereference in `DeleteIPv6DefaultRouterInRA` called by `StorePacket`. Before dereferencing, `DeleteIPv6DefaultRouterInRA` does not account for `ParsePacket` returning NULL, resulting in the program crashing. A patched version does not exist at this time.
Severity ?
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SoftEtherVPN | SoftEtherVPN |
Affected:
>= 5.02.5184, <= 5.02.5187
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-32787",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-17T13:15:14.404650Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-17T13:15:18.899Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/SoftEtherVPN/SoftEtherVPN/security/advisories/GHSA-xw53-587j-mqh6"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SoftEtherVPN",
"vendor": "SoftEtherVPN",
"versions": [
{
"status": "affected",
"version": "\u003e= 5.02.5184, \u003c= 5.02.5187"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. Versions 5.02.5184 to 5.02.5187 are vulnerable to NULL dereference in `DeleteIPv6DefaultRouterInRA` called by `StorePacket`. Before dereferencing, `DeleteIPv6DefaultRouterInRA` does not account for `ParsePacket` returning NULL, resulting in the program crashing. A patched version does not exist at this time."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T21:41:15.966Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/SoftEtherVPN/SoftEtherVPN/security/advisories/GHSA-xw53-587j-mqh6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/SoftEtherVPN/SoftEtherVPN/security/advisories/GHSA-xw53-587j-mqh6"
},
{
"name": "https://github.com/SoftEtherVPN/SoftEtherVPN/blob/7006539732c0231d7723623cc8732f94ba2b8c54/src/Cedar/Hub.c#L5112C1-L5116C29",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/SoftEtherVPN/SoftEtherVPN/blob/7006539732c0231d7723623cc8732f94ba2b8c54/src/Cedar/Hub.c#L5112C1-L5116C29"
},
{
"name": "https://github.com/SoftEtherVPN/SoftEtherVPN/blob/master/src/Mayaqua/TcpIp.c#L1633",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/SoftEtherVPN/SoftEtherVPN/blob/master/src/Mayaqua/TcpIp.c#L1633"
}
],
"source": {
"advisory": "GHSA-xw53-587j-mqh6",
"discovery": "UNKNOWN"
},
"title": "SoftEtherVPN Affected by NULL dereference in DeleteIPv6DefaultRouterInRA"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-32787",
"datePublished": "2025-04-16T21:41:15.966Z",
"dateReserved": "2025-04-10T12:51:12.280Z",
"dateUpdated": "2025-04-17T13:15:18.899Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38520 (GCVE-0-2024-38520)
Vulnerability from nvd – Published: 2024-06-26 18:59 – Updated: 2024-08-02 04:12
VLAI?
Title
SoftEther VPN with L2TP - 2.75x Amplification
Summary
SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. When SoftEtherVPN is deployed with L2TP enabled on a device, it introduces the possibility of the host being used for amplification/reflection traffic generation because it will respond to every packet with two response packets that are larger than the request packet size. These sorts of techniques are used by external actors who generate spoofed source IPs to target a destination on the internet. This vulnerability has been patched in version 5.02.5185.
Severity ?
5.3 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SoftEtherVPN | SoftEtherVPN |
Affected:
<= 5.02.5183
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:softether:vpn:5.02:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vpn",
"vendor": "softether",
"versions": [
{
"status": "affected",
"version": "5.02.5185"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38520",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-26T20:51:29.981598Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-26T20:53:01.101Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.267Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/SoftEtherVPN/SoftEtherVPN/security/advisories/GHSA-j35p-p8pj-vqxq",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/SoftEtherVPN/SoftEtherVPN/security/advisories/GHSA-j35p-p8pj-vqxq"
},
{
"name": "https://github.com/SoftEtherVPN/SoftEtherVPN/commit/c2a7aa548137dc80c6aafdc645cf4dc34e0dc764",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/SoftEtherVPN/SoftEtherVPN/commit/c2a7aa548137dc80c6aafdc645cf4dc34e0dc764"
},
{
"name": "https://github.com/SoftEtherVPN/SoftEtherVPN/releases/tag/5.02.5185",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/SoftEtherVPN/SoftEtherVPN/releases/tag/5.02.5185"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SoftEtherVPN",
"vendor": "SoftEtherVPN",
"versions": [
{
"status": "affected",
"version": "\u003c= 5.02.5183"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. When SoftEtherVPN is deployed with L2TP enabled on a device, it introduces the possibility of the host being used for amplification/reflection traffic generation because it will respond to every packet with two response packets that are larger than the request packet size. These sorts of techniques are used by external actors who generate spoofed source IPs to target a destination on the internet. This vulnerability has been patched in version 5.02.5185.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T15:16:05.881Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/SoftEtherVPN/SoftEtherVPN/security/advisories/GHSA-j35p-p8pj-vqxq",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/SoftEtherVPN/SoftEtherVPN/security/advisories/GHSA-j35p-p8pj-vqxq"
},
{
"name": "https://github.com/SoftEtherVPN/SoftEtherVPN/commit/c2a7aa548137dc80c6aafdc645cf4dc34e0dc764",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/SoftEtherVPN/SoftEtherVPN/commit/c2a7aa548137dc80c6aafdc645cf4dc34e0dc764"
},
{
"name": "https://github.com/SoftEtherVPN/SoftEtherVPN/releases/tag/5.02.5185",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/SoftEtherVPN/SoftEtherVPN/releases/tag/5.02.5185"
}
],
"source": {
"advisory": "GHSA-j35p-p8pj-vqxq",
"discovery": "UNKNOWN"
},
"title": "SoftEther VPN with L2TP - 2.75x Amplification"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-38520",
"datePublished": "2024-06-26T18:59:25.088Z",
"dateReserved": "2024-06-18T16:37:02.728Z",
"dateUpdated": "2024-08-02T04:12:25.267Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-39312 (GCVE-0-2026-39312)
Vulnerability from cvelistv5 – Published: 2026-04-07 16:52 – Updated: 2026-04-07 17:27
VLAI?
Title
Pre-Auth EAP-TLS DoS on SoftEther VPN Developer Edition
Summary
SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. In 5.2.5188 and earlier, a pre-authentication denial-of-service vulnerability exists in SoftEther VPN Developer Edition 5.2.5188 (and likely earlier versions of Developer Edition). An unauthenticated remote attacker can crash the vpnserver process by sending a single malformed EAP-TLS packet over raw L2TP (UDP/1701), terminating all active VPN sessions.
Severity ?
7.5 (High)
CWE
- CWE-789 - Memory Allocation with Excessive Size Value
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SoftEtherVPN | SoftEtherVPN |
Affected:
<= 5.2.5188
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-39312",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-07T17:27:13.530375Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T17:27:16.498Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/SoftEtherVPN/SoftEtherVPN/security/advisories/GHSA-q5g3-qhc6-pr3h"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SoftEtherVPN",
"vendor": "SoftEtherVPN",
"versions": [
{
"status": "affected",
"version": "\u003c= 5.2.5188"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. In 5.2.5188 and earlier, a pre-authentication denial-of-service vulnerability exists in SoftEther VPN Developer Edition 5.2.5188 (and likely earlier versions of Developer Edition). An unauthenticated remote attacker can crash the vpnserver process by sending a single malformed EAP-TLS packet over raw L2TP (UDP/1701), terminating all active VPN sessions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-789",
"description": "CWE-789: Memory Allocation with Excessive Size Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T16:52:08.172Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/SoftEtherVPN/SoftEtherVPN/security/advisories/GHSA-q5g3-qhc6-pr3h",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/SoftEtherVPN/SoftEtherVPN/security/advisories/GHSA-q5g3-qhc6-pr3h"
}
],
"source": {
"advisory": "GHSA-q5g3-qhc6-pr3h",
"discovery": "UNKNOWN"
},
"title": "Pre-Auth EAP-TLS DoS on SoftEther VPN Developer Edition"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-39312",
"datePublished": "2026-04-07T16:52:08.172Z",
"dateReserved": "2026-04-06T19:31:07.265Z",
"dateUpdated": "2026-04-07T17:27:16.498Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-32787 (GCVE-0-2025-32787)
Vulnerability from cvelistv5 – Published: 2025-04-16 21:41 – Updated: 2025-04-17 13:15
VLAI?
Title
SoftEtherVPN Affected by NULL dereference in DeleteIPv6DefaultRouterInRA
Summary
SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. Versions 5.02.5184 to 5.02.5187 are vulnerable to NULL dereference in `DeleteIPv6DefaultRouterInRA` called by `StorePacket`. Before dereferencing, `DeleteIPv6DefaultRouterInRA` does not account for `ParsePacket` returning NULL, resulting in the program crashing. A patched version does not exist at this time.
Severity ?
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SoftEtherVPN | SoftEtherVPN |
Affected:
>= 5.02.5184, <= 5.02.5187
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-32787",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-17T13:15:14.404650Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-17T13:15:18.899Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/SoftEtherVPN/SoftEtherVPN/security/advisories/GHSA-xw53-587j-mqh6"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SoftEtherVPN",
"vendor": "SoftEtherVPN",
"versions": [
{
"status": "affected",
"version": "\u003e= 5.02.5184, \u003c= 5.02.5187"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. Versions 5.02.5184 to 5.02.5187 are vulnerable to NULL dereference in `DeleteIPv6DefaultRouterInRA` called by `StorePacket`. Before dereferencing, `DeleteIPv6DefaultRouterInRA` does not account for `ParsePacket` returning NULL, resulting in the program crashing. A patched version does not exist at this time."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T21:41:15.966Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/SoftEtherVPN/SoftEtherVPN/security/advisories/GHSA-xw53-587j-mqh6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/SoftEtherVPN/SoftEtherVPN/security/advisories/GHSA-xw53-587j-mqh6"
},
{
"name": "https://github.com/SoftEtherVPN/SoftEtherVPN/blob/7006539732c0231d7723623cc8732f94ba2b8c54/src/Cedar/Hub.c#L5112C1-L5116C29",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/SoftEtherVPN/SoftEtherVPN/blob/7006539732c0231d7723623cc8732f94ba2b8c54/src/Cedar/Hub.c#L5112C1-L5116C29"
},
{
"name": "https://github.com/SoftEtherVPN/SoftEtherVPN/blob/master/src/Mayaqua/TcpIp.c#L1633",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/SoftEtherVPN/SoftEtherVPN/blob/master/src/Mayaqua/TcpIp.c#L1633"
}
],
"source": {
"advisory": "GHSA-xw53-587j-mqh6",
"discovery": "UNKNOWN"
},
"title": "SoftEtherVPN Affected by NULL dereference in DeleteIPv6DefaultRouterInRA"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-32787",
"datePublished": "2025-04-16T21:41:15.966Z",
"dateReserved": "2025-04-10T12:51:12.280Z",
"dateUpdated": "2025-04-17T13:15:18.899Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38520 (GCVE-0-2024-38520)
Vulnerability from cvelistv5 – Published: 2024-06-26 18:59 – Updated: 2024-08-02 04:12
VLAI?
Title
SoftEther VPN with L2TP - 2.75x Amplification
Summary
SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. When SoftEtherVPN is deployed with L2TP enabled on a device, it introduces the possibility of the host being used for amplification/reflection traffic generation because it will respond to every packet with two response packets that are larger than the request packet size. These sorts of techniques are used by external actors who generate spoofed source IPs to target a destination on the internet. This vulnerability has been patched in version 5.02.5185.
Severity ?
5.3 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SoftEtherVPN | SoftEtherVPN |
Affected:
<= 5.02.5183
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:softether:vpn:5.02:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vpn",
"vendor": "softether",
"versions": [
{
"status": "affected",
"version": "5.02.5185"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38520",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-26T20:51:29.981598Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-26T20:53:01.101Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.267Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/SoftEtherVPN/SoftEtherVPN/security/advisories/GHSA-j35p-p8pj-vqxq",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/SoftEtherVPN/SoftEtherVPN/security/advisories/GHSA-j35p-p8pj-vqxq"
},
{
"name": "https://github.com/SoftEtherVPN/SoftEtherVPN/commit/c2a7aa548137dc80c6aafdc645cf4dc34e0dc764",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/SoftEtherVPN/SoftEtherVPN/commit/c2a7aa548137dc80c6aafdc645cf4dc34e0dc764"
},
{
"name": "https://github.com/SoftEtherVPN/SoftEtherVPN/releases/tag/5.02.5185",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/SoftEtherVPN/SoftEtherVPN/releases/tag/5.02.5185"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SoftEtherVPN",
"vendor": "SoftEtherVPN",
"versions": [
{
"status": "affected",
"version": "\u003c= 5.02.5183"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. When SoftEtherVPN is deployed with L2TP enabled on a device, it introduces the possibility of the host being used for amplification/reflection traffic generation because it will respond to every packet with two response packets that are larger than the request packet size. These sorts of techniques are used by external actors who generate spoofed source IPs to target a destination on the internet. This vulnerability has been patched in version 5.02.5185.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T15:16:05.881Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/SoftEtherVPN/SoftEtherVPN/security/advisories/GHSA-j35p-p8pj-vqxq",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/SoftEtherVPN/SoftEtherVPN/security/advisories/GHSA-j35p-p8pj-vqxq"
},
{
"name": "https://github.com/SoftEtherVPN/SoftEtherVPN/commit/c2a7aa548137dc80c6aafdc645cf4dc34e0dc764",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/SoftEtherVPN/SoftEtherVPN/commit/c2a7aa548137dc80c6aafdc645cf4dc34e0dc764"
},
{
"name": "https://github.com/SoftEtherVPN/SoftEtherVPN/releases/tag/5.02.5185",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/SoftEtherVPN/SoftEtherVPN/releases/tag/5.02.5185"
}
],
"source": {
"advisory": "GHSA-j35p-p8pj-vqxq",
"discovery": "UNKNOWN"
},
"title": "SoftEther VPN with L2TP - 2.75x Amplification"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-38520",
"datePublished": "2024-06-26T18:59:25.088Z",
"dateReserved": "2024-06-18T16:37:02.728Z",
"dateUpdated": "2024-08-02T04:12:25.267Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}