Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
3DescriptionGitHub Advisory
SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. In 5.2.5188 and earlier, a pre-authentication denial-of-service vulnerability exists in SoftEther VPN Developer Edition 5.2.5188 (and likely earlier versions of Developer Edition). An unauthenticated remote attacker can crash the vpnserver process by sending a single malformed EAP-TLS packet over raw L2TP (UDP/1701), terminating all active VPN sessions.
AnalysisAI
Remote unauthenticated denial-of-service in SoftEther VPN Developer Edition 5.2.5188 and earlier allows attackers to crash the vpnserver process and terminate all active VPN sessions by sending a single malformed EAP-TLS packet over raw L2TP (UDP port 1701). This pre-authentication vulnerability requires no privileges or user interaction (CVSS vector AV:N/AC:L/PR:N/UI:N), enabling trivial service disruption. No public exploit identified at time of analysis, though the attack mechanism is well-documented in vendor advisory GHSA-q5g3-qhc6-pr3h.
Technical ContextAI
This vulnerability stems from improper memory allocation handling (CWE-789) in SoftEther VPN's EAP-TLS implementation when processing L2TP packets. SoftEther VPN is a multi-protocol open-source VPN solution supporting SSL-VPN, L2TP/IPsec, OpenVPN, and MS-SSTP protocols. The flaw exists in the Developer Edition's L2TP server component, which listens on UDP port 1701 for incoming connections. EAP-TLS (Extensible Authentication Protocol - Transport Layer Security) is used for authentication in L2TP/IPsec VPN tunnels. The memory allocation error occurs during pre-authentication packet parsing, before credential validation, allowing the malformed packet to trigger a process crash. This affects the vpnserver daemon that handles all VPN connection multiplexing, making it a single point of failure for all concurrent sessions.
RemediationAI
Users of SoftEther VPN Developer Edition 5.2.5188 or earlier should immediately upgrade to a patched version once released by the vendor. At the time of this analysis, no specific patched version number has been independently confirmed in available data sources. Organizations should monitor the GitHub Security Advisory at https://github.com/SoftEtherVPN/SoftEtherVPN/security/advisories/GHSA-q5g3-qhc6-pr3h for updated patch information and release announcements. As an interim mitigation, administrators should implement network-level access controls restricting UDP port 1701 access to trusted IP ranges only, implement rate-limiting on L2TP connections, or disable L2TP protocol support if alternative VPN protocols can be used. For production environments, consider migrating from Developer Edition to stable release branches if compatible with operational requirements. Deploy network monitoring to detect potential exploit attempts characterized by malformed EAP-TLS packets or unexpected vpnserver process crashes.
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-19804