← Back

Securepoint

securepoint

4 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Openvpn Client
openvpn-client
2 CVEs
Unified Threat Management
unified_threat_management
2 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-47101
1Securepoint
1Openvpn Client
Nov 21, 2024
Oct 30, 2023
N/A· v4
7.8 HIGH· v3
N/A· v2
The installer (aka openvpn-client-installer) in Securepoint SSL VPN Client before 2.0.40 allows local privilege escalation during installation or repair.
CVE-2023-22897
1Securepoint
1Unified Threat Management
Feb 10, 2025
Apr 12, 2023
N/A· v4
6.5 MEDIUM· v3
N/A· v2
An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows information disclosure of memory contents to be achieved by an authenticated user. Essentially, uninitialized data...Show more
An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows information disclosure of memory contents to be achieved by an authenticated user. Essentially, uninitialized data can be retrieved via an approach in which a sessionid is obtained but not used.Show less
CVE-2023-22620
1Securepoint
1Unified Threat Management
Feb 10, 2025
Apr 12, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows sessionid information disclosure via an invalid authentication attempt. This can afterwards be used to bypass the d...Show more
An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows sessionid information disclosure via an invalid authentication attempt. This can afterwards be used to bypass the device's authentication and get access to the administrative interface.Show less
CVE-2021-35523
1Securepoint
1Openvpn Client
Nov 21, 2024
Jun 28, 2021
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
Securepoint SSL VPN Client v2 before 2.0.32 on Windows has unsafe configuration handling that enables local privilege escalation to NT AUTHORITY\SYSTEM. A non-privileged local user can modify the OpenVPN configuration st...Show more
Securepoint SSL VPN Client v2 before 2.0.32 on Windows has unsafe configuration handling that enables local privilege escalation to NT AUTHORITY\SYSTEM. A non-privileged local user can modify the OpenVPN configuration stored under "%APPDATA%\Securepoint SSL VPN" and add a external script file that is executed as privileged user.Show less