PT-2024-28048 · Softether · Softether Vpn

Phillibert · Published 2024-06-26 · Updated 2024-07-02 · CVE-2024-38520

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions

SoftEtherVPN versions prior to 5.02.5185

Description

The issue arises when SoftEtherVPN is deployed with L2TP enabled: the host can then be used to generate amplification/reflection traffic. This occurs because the program responds to every packet with two response packets that are larger than the request packet. External actors can exploit this by sending packets with spoofed source IPs, which directs the responses at a destination on the internet.

Recommendations

For versions prior to 5.02.5185, update to version 5.02.5185 to resolve the issue. As a temporary workaround, consider disabling L2TP until the patch is applied. Restrict access to the L2TP protocol to minimize the risk of exploitation.
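
One way to spot this pattern in flow data, added here as an example and not taken from the advisory or the SoftEther project: aggregate flows on UDP port 1701 (the standard L2TP port) and flag remote addresses that receive about two larger replies per request. The flow tuple layout, the server address 192.0.2.10, the function names and the thresholds are assumptions.

```python
from collections import defaultdict

L2TP_PORT = 1701  # standard L2TP UDP port

# Constructed flow records, not captured traffic:
# (src_ip, src_port, dst_ip, dst_port, packets, bytes)
# 192.0.2.10 stands in for the VPN server (assumption).
SAMPLE_FLOWS = [
    ("198.51.100.7", 40000, "192.0.2.10", 1701, 1000, 60000),
    ("192.0.2.10", 1701, "198.51.100.7", 40000, 2000, 260000),
    ("203.0.113.5", 51000, "192.0.2.10", 1701, 40, 6000),
    ("192.0.2.10", 1701, "203.0.113.5", 51000, 38, 5500),
    ("192.0.2.10", 1701, "203.0.113.99", 1701, 5, 400),  # reply with no request seen
]


def l2tp_ratios(flows, server_ip, port=L2TP_PORT):
    """Per remote address: request count and reply/request packet and byte ratios."""
    req = defaultdict(lambda: [0, 0])   # peer -> [packets, bytes] sent to the server
    resp = defaultdict(lambda: [0, 0])  # peer -> [packets, bytes] sent by the server
    for src, sport, dst, dport, pkts, nbytes in flows:
        if dst == server_ip and dport == port:
            req[src][0] += pkts
            req[src][1] += nbytes
        elif src == server_ip and sport == port:
            resp[dst][0] += pkts
            resp[dst][1] += nbytes
    out = {}
    for peer, (rp, rb) in req.items():
        if rp == 0 or rb == 0:
            continue  # no request volume to divide by
        sp, sb = resp[peer]
        out[peer] = {"requests": rp, "pkt_ratio": sp / rp, "byte_ratio": sb / rb}
    return out


def likely_reflection_targets(flows, server_ip, min_requests=100,
                              min_pkt_ratio=1.8, min_byte_ratio=2.0):
    """Peers matching the advisory's pattern of two larger replies per request.

    The thresholds are assumptions to tune against local baselines.
    """
    ratios = l2tp_ratios(flows, server_ip)
    return sorted(
        peer for peer, r in ratios.items()
        if r["requests"] >= min_requests
        and r["pkt_ratio"] >= min_pkt_ratio
        and r["byte_ratio"] >= min_byte_ratio
    )
```

An address flagged this way is the likely recipient of the reflected traffic rather than its origin, because the requests carrying it as their source are spoofed.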

Exploit

Fix

Resource Exhaustion

Weakness Enumeration

Related Identifiers

CVE-2024-38520
GHSA-J35P-P8PJ-VQXQ

Affected Products

Softether Vpn