Unknown · Softether Vpn · CVE-2026-39312
Name of the Vulnerable Software and Affected Versions
SoftEtherVPN versions 5.2.5188 and earlier
Description
SoftEtherVPN is a cross-platform multi-protocol VPN Program. A pre-authentication denial-of-service condition exists. An unauthenticated remote attacker can terminate active VPN sessions by sending a malformed EAP-TLS packet over raw L2TP (UDP/1701), causing the `vpnserver` process to crash.
Recommendations
Update to a version later than 5.2.5188.