Known Vulnerabilities for Openvpn Access Server by Openvpn
Listed below are 10 of the newest known vulnerabilities associated with "Openvpn Access Server" by "Openvpn".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-3110 json | OpenVPN Access Server 2.7.2 through 3.1.0 accepts bare line-feed sequences inside HTTP header values, allowing remote attacke... | Not Provided | 2026-07-08 | 2026-07-08 |
| CVE-2023-46850 json | Not Provided | 2023-11-11 | 2026-06-23 | |
| CVE-2023-33621 json | GL.iNET GL-AR750S-Ext firmware v3.215 inserts the admin authentication token into a GET request when the OpenVPN Server confi... | Not Provided | 2023-06-13 | 2026-07-09 |
| CVE-2022-33738 json | OpenVPN Access Server before 2.11 uses a weak random generator used to create user session token for the web portal | 7.5 - HIGH | 2022-07-06 | 2022-07-15 |
| CVE-2022-33737 json | The OpenVPN Access Server installer creates a log file readable for everyone, which from version 2.10.0 and before 2.11.0 may... | 7.5 - HIGH | 2022-07-06 | 2023-07-21 |
| CVE-2021-4234 json | OpenVPN Access Server 2.10 and prior versions are susceptible to resending multiple packets in a response to a reset packet s... | 7.5 - HIGH | 2022-07-06 | 2022-07-14 |
| CVE-2021-3824 json | OpenVPN Access Server 2.9.0 through 2.9.4 allow remote attackers to inject arbitrary web script or HTML via the web login pag... | 6.1 - MEDIUM | 2021-09-23 | 2021-09-29 |
| CVE-2020-36382 json | OpenVPN Access Server 2.7.3 to 2.8.7 allows remote attackers to trigger an assert during the user authentication phase via in... | 7.5 - HIGH | 2021-06-04 | 2022-09-20 |
| CVE-2020-15077 json | OpenVPN Access Server 2.8.7 and earlier versions allows a remote attackers to bypass authentication and access control channe... | 5.3 - MEDIUM | 2021-06-04 | 2022-08-05 |
| CVE-2020-15074 json | OpenVPN Access Server older than version 2.8.4 and version 2.9.5 generates new user authentication tokens instead of reusing ... | 7.5 - HIGH | 2020-07-14 | 2021-11-23 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Openvpn | Openvpn Access Server | 2.8.3 | |||
| Application | Openvpn | Openvpn Access Server | 2.8.2 | |||
| Application | Openvpn | Openvpn Access Server | 2.8.1 | |||
| Application | Openvpn | Openvpn Access Server | 2.8.0 | |||
| Application | Openvpn | Openvpn Access Server | 2.7.5 | |||
| Application | Openvpn | Openvpn Access Server | 2.7.4 | |||
| Application | Openvpn | Openvpn Access Server | 2.7.3 | |||
| Application | Openvpn | Openvpn Access Server | 2.6.1 | |||
| Application | Openvpn | Openvpn Access Server | 2.5.2 | |||
| Application | Openvpn | Openvpn Access Server | 2.5.0 | |||
| Application | Openvpn | Openvpn Access Server | 2.1.9 | |||
| Application | Openvpn | Openvpn Access Server | 2.1.8 | |||
| Application | Openvpn | Openvpn Access Server | 2.1.6 | |||
| Application | Openvpn | Openvpn Access Server | 2.1.4 | |||
| Application | Openvpn | Openvpn Access Server | 2.1.2 | |||
| Application | Openvpn | Openvpn Access Server | 2.1.12 | |||
| Application | Openvpn | Openvpn Access Server | 2.1.1 | |||
| Application | Openvpn | Openvpn Access Server | 2.1.0 | |||
| Application | Openvpn | Openvpn Access Server | 2.0.8 | |||
| Application | Openvpn | Openvpn Access Server | 2.0.7 |