Vtun-Ng · Vtun-Ng · CVE-2025-54870
**Name of the Vulnerable Software and Affected Versions**
VTun-ng versions 3.0.17 and below
**Description**
VTun-ng, a Virtual Tunnel over TCP/IP network, may revert to plaintext due to insufficient error handling when initializing encryption modules. The issue was introduced in version 3.0.12 and is resolved in version 3.0.18.
**Recommendations**
Update to version 3.0.18 or later.
Avoid using blowfish-256.