Vulnerabilities > Openvpn > High

DATE CVE VULNERABILITY TITLE RISK
2020-02-13 CVE-2020-8953 Improper Authentication vulnerability in Openvpn Access Server 2.8.0
OpenVPN Access Server 2.8.x before 2.8.1 allows LDAP authentication bypass (except when a user is enrolled in two-factor authentication).
network
low complexity
openvpn CWE-287
7.5
2008-08-04 CVE-2008-3459 Configuration vulnerability in Openvpn 2.1
Unspecified vulnerability in OpenVPN 2.1-beta14 through 2.1-rc8, when running on non-Windows systems, allows remote servers to execute arbitrary commands via crafted (1) lladdr and (2) iproute configuration directives, probably related to shell metacharacters.
network
high complexity
openvpn CWE-16
7.6
2005-11-01 CVE-2005-3393 Remote Format String vulnerability in Openvpn and Openvpn Access Server
Format string vulnerability in the foreign_option function in options.c for OpenVPN 2.0.x allows remote clients to execute arbitrary code via format string specifiers in a push of the dhcp-option command option.
network
low complexity
openvpn
7.5