Aviatrix: >> Openvpn >> 1.2 Security Vulnerabilities
Arbitrary File Write exists in Aviatrix VPN Client 2.8.2 and earlier. The VPN service writes logs to a location that is world writable and can be leveraged to gain write access to any file on the system.
CVSS Score
7.5
EPSS Score
0.002
Published
2021-04-21
The Aviatrix OpenVPN client through 2.5.7 on Linux, macOS, and Windows is vulnerable when OpenSSL parameters are altered from the issued value set; the parameters could allow unauthorized third-party libraries to load.
CVSS Score
9.8
EPSS Score
0.006
Published
2020-04-16