
We found results for “”
CVE-2025-32787
Date: April 16, 2025
SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. Versions 5.02.5184 to 5.02.5187 are vulnerable to NULL dereference in "DeleteIPv6DefaultRouterInRA" called by "StorePacket". Before dereferencing, "DeleteIPv6DefaultRouterInRA" does not account for "ParsePacket" returning NULL, resulting in the program crashing. A patched version does not exist at this time.
Severity Score
Related Resources (5)
Severity Score
Weakness Type (CWE)
NULL Pointer Dereference
CWE-476CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | HIGH |
Privileges Required (PR): | LOW |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | NONE |
Integrity (I): | NONE |
Availability (A): | LOW |