Softether Vpn

13 CVEs affecting Softether Vpn. Latest disclosed: 2025-03-12. Critical: 4, High: 5.

Top CVEs affecting Softether Vpn
CVESeverityScorePublishedSummary
CVE-2025-25568Critical9.82025-03-12SoftEtherVPN 5.02.5187 is vulnerable to Use after Free in the Command.c file via the CheckNetworkAcceptThread function. NOTE: the Supplier disputes this becaus…
CVE-2025-25567Critical9.82025-03-12SoftEther VPN 5.02.5187 is vulnerable to Buffer Overflow in Internat.c via the UniToStrForSingleChars function. NOTE: the Supplier disputes this because the be…
CVE-2025-25565Critical9.82025-03-12SoftEther VPN 5.02.5187 is vulnerable to Buffer Overflow in the Command.c file via the PtMakeCert and PtMakeCert2048 functions. NOTE: the Supplier disputes thi…
CVE-2023-27395Critical9.02023-10-12A heap-based buffer overflow vulnerability exists in the vpnserver WpcParsePacket() functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A specia…
CVE-2023-32634High7.82023-10-12An authentication bypass vulnerability exists in the CiRpcServerThread() functionality of SoftEther VPN 5.01.9674 and 4.41-9782-beta. An attacker can perform a…
CVE-2023-25774High7.52023-10-12A denial-of-service vulnerability exists in the vpnserver ConnectionAccept() functionality of SoftEther VPN 5.02. A set of specially crafted network connection…
CVE-2023-23581High7.52023-10-12A denial-of-service vulnerability exists in the vpnserver EnSafeHttpHeaderValueStr functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted netwo…
CVE-2023-22308High7.52023-10-12An integer underflow vulnerability exists in the vpnserver OvsProcessData functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet…
CVE-2023-27516High7.32023-10-12An authentication bypass vulnerability exists in the CiRpcAccepted() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. A specially crafted network p…
CVE-2023-22325Medium5.92023-10-12A denial of service vulnerability exists in the DCRegister DDNS_RPC_MAX_RECV_SIZE functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A speciall…
CVE-2025-25566Medium5.62025-03-12Memory Leak vulnerability in SoftEtherVPN 5.02.5187 allows an attacker to cause a denial of service via the UnixMemoryAlloc function. NOTE: the Supplier disput…
CVE-2023-32275Medium5.52023-10-12An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. Specially crafted network packets…
CVE-2023-31192Medium5.32023-10-12An information disclosure vulnerability exists in the ClientConnect() functionality of SoftEther VPN 5.01.9674. A specially crafted network packet can lead to…