VPN
by Hola
CVEs (23)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-11955 | Hig | 0.53 | — | 0.00 | Oct 27, 2025 | Incorrect validation of OCSP certificates vulnerability in TheGreenBow VPN, versions 7.5 and 7.6. During the IKEv2 authentication step, the OCSP-enabled VPN client establishes the tunnel even if it does not receive an OCSP response or if the OCSP response signature is invalid. | ||
| CVE-2017-16757 | Hig | 0.51 | 7.8 | 0.00 | Nov 9, 2017 | Hola VPN 1.34 has weak permissions (Everyone:F) under %PROGRAMFILES%, which allows local users to gain privileges via a Trojan horse 7za.exe or hola.exe file. | ||
| CVE-2023-28771 | 0.23 | — | 0.99 | KEV | Apr 25, 2023 | Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an… | ||
| CVE-2025-25565 | 0.00 | — | 0.01 | Mar 12, 2025 | SoftEther VPN 5.02.5187 is vulnerable to Buffer Overflow in the Command.c file via the PtMakeCert and PtMakeCert2048 functions. NOTE: the Supplier disputes this because the behavior only allows a user to attack himself by typing a long string on a command line. | |||
| CVE-2024-41183 | 0.00 | — | 0.01 | Oct 22, 2024 | Trend Micro VPN, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite under specific conditions that can lead to elevation of privileges. | |||
| CVE-2024-1195 | 0.00 | — | 0.00 | Feb 2, 2024 | A vulnerability classified as critical was found in iTop VPN up to 4.0.0.1. Affected by this vulnerability is an unknown functionality in the library ITopVpnCallbackProcess.sys of the component IOCTL Handler. The manipulation leads to denial of service. The attack needs to be… | |||
| CVE-2023-27395 | 0.00 | — | 0.01 | Oct 12, 2023 | A heap-based buffer overflow vulnerability exists in the vpnserver WpcParsePacket() functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A specially crafted network packet can lead to arbitrary code execution. An attacker can perform a man-in-the-middle attack to… | |||
| CVE-2023-22325 | 0.00 | — | 0.01 | Oct 12, 2023 | A denial of service vulnerability exists in the DCRegister DDNS_RPC_MAX_RECV_SIZE functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. An attacker can perform a man-in-the-middle attack to trigger… | |||
| CVE-2023-32275 | 0.00 | — | 0.00 | Oct 12, 2023 | An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. Specially crafted network packets can lead to a disclosure of sensitive information. An attacker can send packets to trigger this vulnerability. | |||
| CVE-2023-27516 | 0.00 | — | 0.01 | Oct 12, 2023 | An authentication bypass vulnerability exists in the CiRpcAccepted() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. A specially crafted network packet can lead to unauthorized access. An attacker can send a network request to trigger this vulnerability. | |||
| CVE-2023-32634 | 0.00 | — | 0.00 | Oct 12, 2023 | An authentication bypass vulnerability exists in the CiRpcServerThread() functionality of SoftEther VPN 5.01.9674 and 4.41-9782-beta. An attacker can perform a local man-in-the-middle attack to trigger this vulnerability. | |||
| CVE-2023-31192 | 0.00 | — | 0.01 | Oct 12, 2023 | An information disclosure vulnerability exists in the ClientConnect() functionality of SoftEther VPN 5.01.9674. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can perform a man-in-the-middle attack to trigger this vulnerability. | |||
| CVE-2023-22844 | 0.00 | — | 0.01 | Jul 6, 2023 | An authentication bypass vulnerability exists in the requestHandlers.js verifyToken functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to authentication bypass. An attacker can send a network request to trigger this vulnerability. | |||
| CVE-2023-23907 | 0.00 | — | 0.01 | Jul 6, 2023 | A directory traversal vulnerability exists in the server.js start functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to arbitrary file read. An attacker can send a network request to trigger this vulnerability. | |||
| CVE-2023-22371 | 0.00 | — | 0.03 | Jul 6, 2023 | An os command injection vulnerability exists in the liburvpn.so create_private_key functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to command execution. An attacker can send a malicious packet to trigger this vulnerability. | |||
| CVE-2023-24497 | 0.00 | — | 0.01 | Jul 6, 2023 | Cross-site scripting (xss) vulnerabilities exist in the requestHandlers.js detail_device functionality of Milesight VPN v2.0.2. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger these… | |||
| CVE-2023-24496 | 0.00 | — | 0.01 | Jul 6, 2023 | Cross-site scripting (xss) vulnerabilities exist in the requestHandlers.js detail_device functionality of Milesight VPN v2.0.2. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger these… | |||
| CVE-2022-37835 | 0.00 | — | 0.01 | Sep 12, 2022 | Torguard VPN 4.8, has a vulnerability that allows an attacker to dump sensitive information, such as credentials and information about the server, without admin privileges. | |||
| CVE-2022-34593 | 0.00 | — | 0.01 | Jul 28, 2022 | DPTech VPN v8.1.28.0 was discovered to contain an arbitrary file read vulnerability. | |||
| CVE-2022-24140 | 0.00 | — | 0.01 | Jul 6, 2022 | IOBit Advanced System Care 15, iTop Screen Recorder 2.1, iTop VPN 3.2, Driver Booster 9, and iTop Screenshot sends HTTP requests in their update procedure in order to download a config file. After downloading the config file, the products will parse the HTTP location of the… |
- risk 0.53cvss —epss 0.00
Incorrect validation of OCSP certificates vulnerability in TheGreenBow VPN, versions 7.5 and 7.6. During the IKEv2 authentication step, the OCSP-enabled VPN client establishes the tunnel even if it does not receive an OCSP response or if the OCSP response signature is invalid.
- risk 0.51cvss 7.8epss 0.00
Hola VPN 1.34 has weak permissions (Everyone:F) under %PROGRAMFILES%, which allows local users to gain privileges via a Trojan horse 7za.exe or hola.exe file.
- risk 0.23cvss —epss 0.99
Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an…
- CVE-2025-25565Mar 12, 2025risk 0.00cvss —epss 0.01
SoftEther VPN 5.02.5187 is vulnerable to Buffer Overflow in the Command.c file via the PtMakeCert and PtMakeCert2048 functions. NOTE: the Supplier disputes this because the behavior only allows a user to attack himself by typing a long string on a command line.
- CVE-2024-41183Oct 22, 2024risk 0.00cvss —epss 0.01
Trend Micro VPN, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite under specific conditions that can lead to elevation of privileges.
- CVE-2024-1195Feb 2, 2024risk 0.00cvss —epss 0.00
A vulnerability classified as critical was found in iTop VPN up to 4.0.0.1. Affected by this vulnerability is an unknown functionality in the library ITopVpnCallbackProcess.sys of the component IOCTL Handler. The manipulation leads to denial of service. The attack needs to be…
- CVE-2023-27395Oct 12, 2023risk 0.00cvss —epss 0.01
A heap-based buffer overflow vulnerability exists in the vpnserver WpcParsePacket() functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A specially crafted network packet can lead to arbitrary code execution. An attacker can perform a man-in-the-middle attack to…
- CVE-2023-22325Oct 12, 2023risk 0.00cvss —epss 0.01
A denial of service vulnerability exists in the DCRegister DDNS_RPC_MAX_RECV_SIZE functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. An attacker can perform a man-in-the-middle attack to trigger…
- CVE-2023-32275Oct 12, 2023risk 0.00cvss —epss 0.00
An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. Specially crafted network packets can lead to a disclosure of sensitive information. An attacker can send packets to trigger this vulnerability.
- CVE-2023-27516Oct 12, 2023risk 0.00cvss —epss 0.01
An authentication bypass vulnerability exists in the CiRpcAccepted() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. A specially crafted network packet can lead to unauthorized access. An attacker can send a network request to trigger this vulnerability.
- CVE-2023-32634Oct 12, 2023risk 0.00cvss —epss 0.00
An authentication bypass vulnerability exists in the CiRpcServerThread() functionality of SoftEther VPN 5.01.9674 and 4.41-9782-beta. An attacker can perform a local man-in-the-middle attack to trigger this vulnerability.
- CVE-2023-31192Oct 12, 2023risk 0.00cvss —epss 0.01
An information disclosure vulnerability exists in the ClientConnect() functionality of SoftEther VPN 5.01.9674. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.
- CVE-2023-22844Jul 6, 2023risk 0.00cvss —epss 0.01
An authentication bypass vulnerability exists in the requestHandlers.js verifyToken functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to authentication bypass. An attacker can send a network request to trigger this vulnerability.
- CVE-2023-23907Jul 6, 2023risk 0.00cvss —epss 0.01
A directory traversal vulnerability exists in the server.js start functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to arbitrary file read. An attacker can send a network request to trigger this vulnerability.
- CVE-2023-22371Jul 6, 2023risk 0.00cvss —epss 0.03
An os command injection vulnerability exists in the liburvpn.so create_private_key functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to command execution. An attacker can send a malicious packet to trigger this vulnerability.
- CVE-2023-24497Jul 6, 2023risk 0.00cvss —epss 0.01
Cross-site scripting (xss) vulnerabilities exist in the requestHandlers.js detail_device functionality of Milesight VPN v2.0.2. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger these…
- CVE-2023-24496Jul 6, 2023risk 0.00cvss —epss 0.01
Cross-site scripting (xss) vulnerabilities exist in the requestHandlers.js detail_device functionality of Milesight VPN v2.0.2. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger these…
- CVE-2022-37835Sep 12, 2022risk 0.00cvss —epss 0.01
Torguard VPN 4.8, has a vulnerability that allows an attacker to dump sensitive information, such as credentials and information about the server, without admin privileges.
- CVE-2022-34593Jul 28, 2022risk 0.00cvss —epss 0.01
DPTech VPN v8.1.28.0 was discovered to contain an arbitrary file read vulnerability.
- CVE-2022-24140Jul 6, 2022risk 0.00cvss —epss 0.01
IOBit Advanced System Care 15, iTop Screen Recorder 2.1, iTop VPN 3.2, Driver Booster 9, and iTop Screenshot sends HTTP requests in their update procedure in order to download a config file. After downloading the config file, the products will parse the HTTP location of the…
Page 1 of 2