VYPR
Low severity3.1OSV Advisory· Published Apr 16, 2025· Updated Apr 15, 2026

CVE-2025-32787

CVE-2025-32787

Description

SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. Versions 5.02.5184 to 5.02.5187 are vulnerable to NULL dereference in DeleteIPv6DefaultRouterInRA called by StorePacket. Before dereferencing, DeleteIPv6DefaultRouterInRA does not account for ParsePacket returning NULL, resulting in the program crashing. A patched version does not exist at this time.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • 5.02.5184, 5.02.5185, 5.02.5186, …+ 1 more
    • (no CPE)range: 5.02.5184, 5.02.5185, 5.02.5186, …
    • (no CPE)range: 5.02.5184 to 5.02.5187

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.