CRITICAL🇬🇧 English

CVE-2018-7544

CVSS 9.1v3.0pub. 2018-03-16upd. 2024-11-21

A cross-protocol scripting issue was discovered in the management interface in OpenVPN through 2.4.5. When this interface is enabled over TCP without a password, and when no other clients are connected to this interface, attackers can execute arbitrary management commands, obtain sensitive information, or cause a denial of service (SIGTERM) by triggering XMLHttpRequest actions in a web browser. This is demonstrated by a multipart/form-data POST to http://localhost:23000 with a "signal SIGTERM" command in a TEXTAREA element. NOTE: The vendor disputes that this is a vulnerability. They state that this is the result of improper configuration of the OpenVPN instance rather than an intrinsic vulnerability, and now more explicitly warn against such configurations in both the management-interface documentation, and with a runtime warning

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
  • Openvpn

    APP
    Openvpn
    ≤ 2.4.5
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
DoSVPN
CWE
Referencje

Powiązane podatności

CVE-2025-12106CRITICAL9.1PL ✓ten sam produkt

OpenVPN: heap buffer over-read przy parsowaniu adresów IP

CVE-2024-5594CRITICAL9.1PL ✓ten sam produkt

OpenVPN: Wstrzyknięcie danych przez nieoczyszczone wiadomości PUSH_REPLY

CVE-2024-27903CRITICAL9.8PL ✓ten sam produkt

OpenVPN dla Windows — ładowanie wtyczek z dowolnego katalogu

CVE-2023-46850CRITICAL9.8ten sam produkt

Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or rem...

CVE-2022-0547CRITICAL9.8ten sam produkt

OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when...