PT-2018-18148 · Openvpn+3

Jose Antonio Pérez Piedra · Published 2018-03-16 · Updated 2024-08-05 · CVE-2018-7544

CVSS v3.1: 9.1 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions

OpenVPN versions through 2.4.5

Description

A cross-protocol scripting issue was discovered in the management interface of OpenVPN. When this interface is enabled over TCP without a password and no other clients are connected, attackers can execute arbitrary management commands, obtain sensitive information, or cause a denial of service (SIGTERM) by triggering XMLHttpRequest actions in a web browser. This can be demonstrated by a multipart/form-data POST to "http://localhost:23000" with a "signal SIGTERM" command in a TEXTAREA element. The vendor disputes this as a vulnerability, stating it is the result of improper configuration rather than an intrinsic vulnerability.

Recommendations

For OpenVPN versions through 2.4.5, consider disabling the management interface over TCP without a password as a temporary workaround until a more secure configuration can be implemented. Restrict access to the management interface to minimize the risk of exploitation. Avoid using the management interface without proper authentication and authorization mechanisms in place. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
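
The recommendation above can be checked mechanically. The following is an added example, not code from the advisory or from the OpenVPN project: it audits an OpenVPN configuration for a `management` directive that listens on TCP without a password file. The sample configurations and file paths are constructed placeholders.

```python
import shlex

# Constructed sample configs (not from the advisory); paths are placeholders.
WEAK = "dev tun\nmanagement 127.0.0.1 23000   # no pw-file\n"
HARDENED_TCP = "dev tun\nmanagement 127.0.0.1 23000 /etc/openvpn/mgmt.pw\n"
HARDENED_UNIX = "dev tun\nmanagement /run/openvpn/mgmt.sock unix\n"


def audit_management(config_text):
    """Classify every 'management' directive in an OpenVPN config.

    Returns a list of (line_number, verdict); verdict is one of
    'tcp-no-password', 'tcp-password', 'unix-socket', 'malformed'.
    """
    findings = []
    for number, raw in enumerate(config_text.splitlines(), 1):
        line = raw.strip()
        # Skip blanks, comment lines, and every other directive
        # (e.g. management-client-user does not match the exact keyword).
        if not line or line[0] in "#;" or line.split()[0] != "management":
            continue
        try:
            args = shlex.split(line, comments=True)[1:]
        except ValueError:  # unbalanced quotes
            findings.append((number, "malformed"))
            continue
        if len(args) < 2:
            verdict = "malformed"
        elif args[1] == "unix":
            verdict = "unix-socket"        # 'management <socket> unix': no TCP listener
        elif len(args) >= 3:
            verdict = "tcp-password"       # 'management <ip> <port> <pw-file>'
        else:
            verdict = "tcp-no-password"    # the configuration this entry describes
        findings.append((number, verdict))
    return findings


def is_exposed(config_text):
    """True if any management directive is TCP without a password file."""
    return any(v == "tcp-no-password" for _, v in audit_management(config_text))


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("tcp+pw", HARDENED_TCP), ("unix", HARDENED_UNIX)):
        print(name, audit_management(cfg), "exposed" if is_exposed(cfg) else "ok")
```
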

Exploit

DoS

Use of Externally-Controlled Format String

Weakness Enumeration

Related Identifiers

ALT-PU-2018-1644
CVE-2018-7544
OPENSUSE-SU-2021:0734-1
OPENSUSE-SU-2021_0734-1
OPENSUSE-SU-2024:11692-1
SUSE-SU-2021:14723-1
SUSE-SU-2021:1576-1
SUSE-SU-2021:1577-1
SUSE-SU-2021_14723-1
SUSE-SU-2021_1576-1
SUSE-SU-2021_1577-1

Affected Products

Alt Linux
Debian
Openvpn
Suse