CVE-2021-41583
MEDIUMvpn-user-portal 2.3.2-2.3.13 - Authenticated Arbitrary File Read via QR Code Exec Interaction
Title source: llmDescription
vpn-user-portal (aka eduVPN or Let's Connect!) before 2.3.14, as packaged for Debian 10, Debian 11, and Fedora, allows remote authenticated users to obtain OS filesystem access, because of the interaction of QR codes with an exec that uses the -r option. This can be leveraged to obtain additional VPN access.
References (2)
Core 2
Core References
Mailing List, Third Party Advisory x_refsource_misc
https://list.surfnet.nl/pipermail/eduvpn-deploy/2021-September/000352.html
Release Notes, Third Party Advisory
https://github.com/eduvpn/vpn-user-portal/releases
Scores
CVSS v3
6.5
EPSS
0.0182
EPSS Percentile
76.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-20
Status
published
Products (1)
eduvpn/vpn-user-portal
2.3.2 - 2.3.14
Published
Sep 24, 2021
Tracked Since
Feb 18, 2026