CVE-2014-9755CVE-2014-9755

Affected configuration(s):

cpe:/o:viprinet:multichannel_vpn_router_300_firmware:2013070830
cpe:/o:viprinet:multichannel_vpn_router_300_firmware:2013080900

Date published: 2017-01-20T10:59:00.240-05:00

Date last modified: 2017-01-26T14:33:40.677-05:00

CVSS Score: 5.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://packetstormsecurity.com/files/135614/Viprinet-Multichannel-VPN-Router-300-Identity-Verification-Fail.html

Summary: The hardware VPN client in Viprinet MultichannelVPN Router 300 version 2013070830/2013080900 does not validate the remote VPN endpoint identity (through the checking of the endpoint’s SSL key) before initiating the exchange, which allows remote attackers to perform a replay attack.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.