CVE-2025-15387

Name of the Vulnerable Software and Affected Versions QNO Technology VPN Firewall (affected versions not specified)

Description The VPN Firewall developed by QNO Technology contains an insufficient entropy issue. This allows unauthenticated remote attackers to obtain any logged-in user session through brute-force attacks and subsequently log into the system. The vulnerability allows attackers to gain access by guessing session identifiers.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.