VYPR

Radsecproxy

by Radsecproxy

CVEs (3)

  • CVE-2021-32642HigMay 28, 2021
    risk 0.46cvss 7.0epss 0.01

    radsecproxy is a generic RADIUS proxy that supports both UDP and TLS (RadSec) RADIUS transports. Missing input validation in radsecproxy's `naptr-eduroam.sh` and `radsec-dynsrv.sh` scripts can lead to configuration injection via crafted radsec peer discovery DNS records. Users…

  • CVE-2012-4566Nov 20, 2012
    risk 0.00cvss epss 0.01

    The DTLS support in radsecproxy before 1.6.2 does not properly verify certificates when there are configuration blocks with CA settings that are unrelated to the block being used for verifying the certificate chain, which might allow remote attackers to bypass intended access…

  • CVE-2012-4523Nov 20, 2012
    risk 0.00cvss epss 0.02

    radsecproxy before 1.6.1 does not properly verify certificates when there are configuration blocks with CA settings that are unrelated to the block being used for verifying the certificate chain, which might allow remote attackers to bypass intended access restrictions and spoof…