CVE-2018-7544

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-7544

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-7544.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-7544

Related

Withdrawn

2018-03-16T14:57:01Z

Published

2018-03-16T15:29:00Z

Modified

2024-09-03T02:18:59.697385Z

Severity

9.1 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H CVSS Calculator

Summary

[none]

Details

A cross-protocol scripting issue was discovered in the management interface in OpenVPN through 2.4.5. When this interface is enabled over TCP without a password, and when no other clients are connected to this interface, attackers can execute arbitrary management commands, obtain sensitive information, or cause a denial of service (SIGTERM) by triggering XMLHttpRequest actions in a web browser. This is demonstrated by a multipart/form-data POST to http://localhost:23000 with a "signal SIGTERM" command in a TEXTAREA element. NOTE: The vendor disputes that this is a vulnerability. They state that this is the result of improper configuration of the OpenVPN instance rather than an intrinsic vulnerability, and now more explicitly warn against such configurations in both the management-interface documentation, and with a runtime warning

References

Affected packages

Debian:11 / openvpn

Package

Name: openvpn
Purl: pkg:deb/debian/openvpn?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.5.1-3

2.5.5-1

2.5.6-1

2.6.0~git20220317+dco-1

2.6.0~git20220510+dco-1

2.6.0~git20220518+dco-1

2.6.0~git20220518+dco-2

2.6.0~git20220518+dco-3

2.6.0~git20220808-1

2.6.0~git20220811-1

2.6.0~git20220811-2

2.6.0~git20220818-1

2.6.0~git20221116-1

2.6.0~git20221201-1

2.6.0~git20221215+beta2-1

2.6.0~git20221222-1

2.6.0~rc1-1~bpo11+1

2.6.0~rc1-1

2.6.0~rc2-1

2.6.0-1~bpo11+1

2.6.0-1

2.6.1-1~exp1

2.6.1-1

2.6.2-1~exp1

2.6.2-1~exp2

2.6.3-1~bpo11+1

2.6.3-1

2.6.3-2

2.6.3-2.1

2.6.7-1

2.6.9-1

2.6.11-1

2.6.12-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / openvpn

Package

Name: openvpn
Purl: pkg:deb/debian/openvpn?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.6.3-1

2.6.3-1+deb12u1~bpo11+1

2.6.3-1+deb12u1

2.6.3-1+deb12u2~bpo11+1

2.6.3-1+deb12u2

2.6.3-2

2.6.3-2.1

2.6.7-1

2.6.9-1

2.6.11-1

2.6.12-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / openvpn

Package

Name: openvpn
Purl: pkg:deb/debian/openvpn?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.6.3-1

2.6.3-2

2.6.3-2.1

2.6.7-1

2.6.9-1

2.6.11-1

2.6.12-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Git / github.com/openvpn/openvpn

Affected ranges

Type: GIT
Repo: https://github.com/openvpn/openvpn
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

27a2e018dfe79af9056ce087155dd39db4280f71

Affected versions

v2.*

v2.1.0

v2.1.1

v2.1.2

v2.1.3

v2.1_rc1

v2.1_rc10

v2.1_rc11

v2.1_rc12

v2.1_rc13

v2.1_rc14

v2.1_rc15

v2.1_rc16

v2.1_rc17

v2.1_rc18

v2.1_rc19

v2.1_rc2

v2.1_rc20

v2.1_rc21

v2.1_rc22

v2.1_rc3

v2.1_rc4

v2.1_rc5

v2.1_rc6

v2.1_rc7

v2.1_rc8

v2.1_rc9

v2.2-RC

v2.2-RC2

v2.2-beta4

v2.2-beta5

v2.3-alpha1

v2.3_alpha2

v2.3_alpha3

v2.3_beta1

v2.4.0

v2.4.1

v2.4.2

v2.4.3

v2.4.4

v2.4.5

v2.4_alpha1

v2.4_alpha2

v2.4_beta1

v2.4_beta2

v2.4_rc1

v2.4_rc2