Softether Vpn
13 CVEs affecting Softether Vpn. Latest disclosed: 2025-03-12. Critical: 4, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-25568 | Critical | 9.8 | 2025-03-12 | SoftEtherVPN 5.02.5187 is vulnerable to Use after Free in the Command.c file via the CheckNetworkAcceptThread function. NOTE: the Supplier disputes this becaus… |
CVE-2025-25567 | Critical | 9.8 | 2025-03-12 | SoftEther VPN 5.02.5187 is vulnerable to Buffer Overflow in Internat.c via the UniToStrForSingleChars function. NOTE: the Supplier disputes this because the be… |
CVE-2025-25565 | Critical | 9.8 | 2025-03-12 | SoftEther VPN 5.02.5187 is vulnerable to Buffer Overflow in the Command.c file via the PtMakeCert and PtMakeCert2048 functions. NOTE: the Supplier disputes thi… |
CVE-2023-27395 | Critical | 9.0 | 2023-10-12 | A heap-based buffer overflow vulnerability exists in the vpnserver WpcParsePacket() functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A specia… |
CVE-2023-32634 | High | 7.8 | 2023-10-12 | An authentication bypass vulnerability exists in the CiRpcServerThread() functionality of SoftEther VPN 5.01.9674 and 4.41-9782-beta. An attacker can perform a… |
CVE-2023-25774 | High | 7.5 | 2023-10-12 | A denial-of-service vulnerability exists in the vpnserver ConnectionAccept() functionality of SoftEther VPN 5.02. A set of specially crafted network connection… |
CVE-2023-23581 | High | 7.5 | 2023-10-12 | A denial-of-service vulnerability exists in the vpnserver EnSafeHttpHeaderValueStr functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted netwo… |
CVE-2023-22308 | High | 7.5 | 2023-10-12 | An integer underflow vulnerability exists in the vpnserver OvsProcessData functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet… |
CVE-2023-27516 | High | 7.3 | 2023-10-12 | An authentication bypass vulnerability exists in the CiRpcAccepted() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. A specially crafted network p… |
CVE-2023-22325 | Medium | 5.9 | 2023-10-12 | A denial of service vulnerability exists in the DCRegister DDNS_RPC_MAX_RECV_SIZE functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A speciall… |
CVE-2025-25566 | Medium | 5.6 | 2025-03-12 | Memory Leak vulnerability in SoftEtherVPN 5.02.5187 allows an attacker to cause a denial of service via the UnixMemoryAlloc function. NOTE: the Supplier disput… |
CVE-2023-32275 | Medium | 5.5 | 2023-10-12 | An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. Specially crafted network packets… |
CVE-2023-31192 | Medium | 5.3 | 2023-10-12 | An information disclosure vulnerability exists in the ClientConnect() functionality of SoftEther VPN 5.01.9674. A specially crafted network packet can lead to… |