CVE-2025-10680: OS Command Injection
OpenVPN 2.7_alpha1 through 2.7_beta1 on POSIX-based platforms allows a remote authenticated server to inject shell commands via DNS variables when --dns-updown is in use.
Frequently Asked Questions
What is the severity of CVE-2025-10680?
CVE-2025-10680 is categorized as a high-severity vulnerability due to the potential for remote command injection.
How do I fix CVE-2025-10680?
To mitigate CVE-2025-10680, upgrade OpenVPN to a version beyond 2.7_beta1 where this vulnerability is addressed.
Who is affected by CVE-2025-10680?
CVE-2025-10680 affects users of OpenVPN versions 2.7_alpha1 through 2.7_beta1 on POSIX-based platforms.
What is the attack vector for CVE-2025-10680?
The attack vector for CVE-2025-10680 involves a remote authenticated server exploiting DNS variables when the --dns-updown option is enabled.
What are the potential consequences of CVE-2025-10680?
The potential consequences of CVE-2025-10680 include unauthorized execution of shell commands on the system running the affected OpenVPN version.