CVE-2017-7478

HIGH

OpenVPN 2.3.12-2.3.14 - Unauthenticated Denial of Service via Large Control Packet

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-7478, a PoC published by QuarksLab.

AI-analyzed exploit summary: this exploit triggers a denial of service (DoS) against OpenVPN 2.4.0 by sending a P_CONTROL_V1 packet with an oversized data field, which trips an assertion in ssl.c and aborts the server process (CWE-617). The packet is delivered over plain UDP and no authentication is required.

Description

OpenVPN versions 2.3.12 and newer are vulnerable to an unauthenticated denial of service of the server via a received large control packet. The issue is fixed in 2.3.15 and 2.4.2, so the affected releases are 2.3.12 through 2.3.14 and 2.4.0 through 2.4.1 (see Products below). The public PoC targets 2.4.0, but the same control-channel code path is present in the other affected releases.
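The crash pattern described above, as an added example that is not OpenVPN's code: a standalone C model in which an unauthenticated peer's P_CONTROL_V1 packet is parsed from the OpenVPN control-channel wire layout (sent without --tls-auth) and copied into a fixed-capacity receive slot. The vulnerable handler asserts that the copy succeeded, so an oversized payload aborts the whole process (CWE-617, a reachable assertion); the hardened handler validates the untrusted length first and drops the packet (CWE-20 fixed). The slot capacity of 1024 bytes, the names ctrl_slot, buf_copy and recv_control_*, the log strings and the sample packet built inline are all assumptions of this example; the real daemon sizes its buffers from the negotiated frame.

```c
/*
 * Added example for CVE-2017-7478 (CWE-617 reachable assertion). Standalone
 * model, not OpenVPN's source: the packet layout follows the OpenVPN
 * control-channel wire format (no --tls-auth), but ctrl_slot, buf_copy,
 * SLOT_CAP and the handler names are this example's own.
 */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Receive-slot capacity: an assumption for the example (the daemon derives
 * the real value from the negotiated frame size). */
#define SLOT_CAP 1024
#define P_CONTROL_V1 4              /* opcode: TLS ciphertext control packet */

struct ctrl_slot { uint8_t data[SLOT_CAP]; size_t len; };

enum verdict { QUEUED = 0, DROPPED = 1, ABORTED = 2 };

/* Copy a payload into a slot; returns false instead of overflowing. */
static bool buf_copy(struct ctrl_slot *dst, const uint8_t *src, size_t len)
{
    if (len > sizeof dst->data) {
        return false;
    }
    memcpy(dst->data, src, len);
    dst->len = len;
    return true;
}

/*
 * Locate opcode and payload in a control packet sent without --tls-auth:
 *   [1] opcode<<3 | key_id   [8] session id   [1] ack count n
 *   [4*n] acked packet ids   [8] remote session id (only if n > 0)
 *   [4] packet id            [...] payload (TLS records)
 * Returns the payload length, or -1 if the header is truncated.
 */
static long parse_control(const uint8_t *pkt, size_t n,
                          uint8_t *opcode, const uint8_t **payload)
{
    size_t off = 1 + 8;                 /* opcode byte + session id */
    if (n < off + 1) {
        return -1;
    }
    *opcode = pkt[0] >> 3;
    size_t acks = pkt[off++];
    off += 4 * acks + (acks ? 8 : 0);   /* ack array + remote session id */
    off += 4;                           /* packet id */
    if (n < off) {
        return -1;
    }
    *payload = pkt + off;
    return (long)(n - off);
}

/* Vulnerable path (2.3.12-2.3.14, 2.4.0-2.4.1 pattern): a failed copy is
 * treated as impossible and the daemon ASSERTs. abort() is modelled as
 * ABORTED so the example runs to completion. */
static enum verdict recv_control_vulnerable(struct ctrl_slot *slot,
                                            const uint8_t *pkt, size_t n)
{
    uint8_t op = 0; const uint8_t *pl = NULL;
    long len = parse_control(pkt, n, &op, &pl);
    if (len < 0 || op != P_CONTROL_V1) {
        return DROPPED;
    }
    if (!buf_copy(slot, pl, (size_t)len)) {
        fprintf(stderr, "Assertion failed: buf_copy(in, buf)\n");
        return ABORTED;                 /* the whole server process dies */
    }
    return QUEUED;
}

/* Hardened path (2.3.15 / 2.4.2 style): the untrusted length is checked and
 * an oversized control packet is logged and dropped; the server stays up. */
static enum verdict recv_control_fixed(struct ctrl_slot *slot,
                                       const uint8_t *pkt, size_t n)
{
    uint8_t op = 0; const uint8_t *pl = NULL;
    long len = parse_control(pkt, n, &op, &pl);
    if (len < 0 || op != P_CONTROL_V1) {
        return DROPPED;
    }
    if ((size_t)len > sizeof slot->data || !buf_copy(slot, pl, (size_t)len)) {
        fprintf(stderr, "Control packet too big (%ld bytes), dropping\n", len);
        return DROPPED;
    }
    return QUEUED;
}

/* Build a constructed P_CONTROL_V1 packet (key_id 0, no acks, packet id 1)
 * carrying payload_len filler bytes. Returns the total length written. */
static size_t build_control(uint8_t *out, size_t cap, size_t payload_len)
{
    size_t hdr = 1 + 8 + 1 + 4;
    if (cap < hdr + payload_len) {
        return 0;
    }
    memset(out, 0, hdr);
    out[0] = (uint8_t)(P_CONTROL_V1 << 3);
    memset(out + 1, 0x11, 8);           /* constructed client session id */
    out[13] = 1;                        /* packet id 1, big endian */
    memset(out + hdr, 0x41, payload_len);
    return hdr + payload_len;
}

/* Run one constructed packet through one handler on a fresh slot. */
static enum verdict scenario(enum verdict (*h)(struct ctrl_slot *, const uint8_t *, size_t),
                             size_t payload_len)
{
    static uint8_t pkt[SLOT_CAP + 64];
    struct ctrl_slot slot = {{0}, 0};
    return h(&slot, pkt, build_control(pkt, sizeof pkt, payload_len));
}

enum verdict demo_vulnerable_normal(void)    { return scenario(recv_control_vulnerable, 200); }
enum verdict demo_vulnerable_oversized(void) { return scenario(recv_control_vulnerable, SLOT_CAP + 1); }
enum verdict demo_fixed_oversized(void)      { return scenario(recv_control_fixed, SLOT_CAP + 1); }

int main(void)
{
    printf("vulnerable, 200-byte payload:  %d (0 = queued)\n", demo_vulnerable_normal());
    printf("vulnerable, oversized payload: %d (2 = aborted)\n", demo_vulnerable_oversized());
    printf("fixed, oversized payload:      %d (1 = dropped)\n", demo_fixed_oversized());
    return 0;
}
```

The point to take from the model is the placement of the check: the attacker controls the payload length before any TLS authentication has happened, so the length must be validated on the receive path and the packet dropped, rather than asserted on as an internal invariant. The real fix lives in OpenVPN's control-channel code and this example only reproduces the pattern.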

Exploits (1)

Exploit-DB · Working PoC · Verified
by QuarksLab · tags: python, dos, multiple
https://www.exploit-db.com/exploits/41993

Classification
Working PoC (95% confidence)
Attack type: DoS
Complexity: Moderate
Reliability: Reliable
Target: OpenVPN 2.4.0
Authentication: none needed
Prerequisites: network access to the OpenVPN server · OpenVPN server running version 2.4.0
Analyzed by devstral-2 on Feb 16, 2026

References (4)

Exploit, Third Party Advisory (exploit-db): https://www.exploit-db.com/exploits/41993/
Third Party Advisory, VDB Entry (SecurityTracker): http://www.securitytracker.com/id/1038473
Third Party Advisory, VDB Entry (BugTraq ID): http://www.securityfocus.com/bid/98444

Scores

CVSS v3.0 base score: 7.5 (High)
CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (network reachable, low complexity, no privileges or user interaction, availability impact only)
Attack vector: Network
EPSS: 0.1389 (13.9% estimated probability of exploitation activity in the next 30 days)
EPSS percentile: 96.1%

Details

CWE: CWE-20 (Improper Input Validation), CWE-617 (Reachable Assertion)
Status published
Products (6)
openvpn/openvpn 2.3.12
openvpn/openvpn 2.3.13
openvpn/openvpn 2.3.14
openvpn/openvpn 2.4.0 (6 CPE variants)
openvpn/openvpn 2.4.1
OpenVPN Technologies, Inc/openvpn 2.3.12 and newer
Published May 15, 2017
Tracked Since Feb 18, 2026