Security Advisory

CVE-2025-10680

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-24 10:06:51

Last updated 2026-02-26 16:57:07

Assigner OpenVPN

State PUBLISHED

Description

OpenVPN 2.7_alpha1 through 2.7_beta1 on POSIX based platforms allows a remote authenticated server to inject shell commands via DNS variables when --dns-updown is in use

← Browse all CVEs View on cve.org ↗