The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker to interact with the privileged OpenVPN interactive service.
2024-07-08T11:15:10.103
2024-11-21T09:00:04.127
Modified
CVSSv3.1: 7.5 (HIGH)
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | openvpn | openvpn | < 2.5.10 | Yes |
Application | openvpn | openvpn | < 2.6.10 | Yes |