CVE-2023-22325

Name of the Vulnerable Software and Affected Versions SoftEther VPN versions 4.41-9782-beta through 5.02

Description A denial of service issue exists in the DCRegister functionality of SoftEther VPN, related to the DDNS RPC MAX RECV SIZE. This can be triggered by a specially crafted network packet, potentially allowing a remote attacker to cause a denial of service. An attacker can perform a man-in-the-middle attack to exploit this issue.

Recommendations For versions 4.41-9782-beta through 5.02, consider restricting access to the DCRegister functionality until a patch is available. As a temporary workaround, avoid using the DDNS RPC MAX RECV SIZE functionality in the affected API endpoint until the issue is resolved. Restrict access to the vulnerable module to minimize the risk of exploitation.