CVE-2023-22308

Summary

An integer underflow vulnerability exists in the vpnserver OvsProcessData functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
SoftEther VPNSoftEther VPN5.01.9674affected
SoftEther VPNSoftEther VPN5.02affected

Weaknesses

  • CWE-191: CWE-191: Integer Underflow (Wrap or Wraparound)

ADP Enrichment

CVE Program Container

Additional References

References