VYPR
High severity8.8NVD Advisory· Published Oct 14, 2022· Updated Jun 17, 2026

CVE-2021-27406

CVE-2021-27406

Description

An attacker can take leverage on PerFact OpenVPN-Client versions 1.4.1.0 and prior to send the config command from any application running on the local host machine to force the back-end server into initializing a new open-VPN instance with arbitrary open-VPN configuration. This could result in the attacker achieving execution with privileges of a SYSTEM user.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • PerFact/OpenVPN-Clientllm-fuzzy2 versions
    <=1.4.1.0+ 1 more
    • (no CPE)range: <=1.4.1.0
    • (no CPE)range: unspecified

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.