CNNVD-202601-4858 Information

CNNVD ID

CNNVD-202601-4858

Related CVE

CVE-2026-24902

• CNNVD Published: 2026-01-29

Description (Chinese)

TrustTunnel是TrustTunnel开源的一个VPN协议软件。 TrustTunnel 0.9.114之前版本存在代码问题漏洞，该漏洞源于SSRF保护不完整，可能导致绕过私有网络限制并访问环回或私有目标。

Description (English)

TrustTunnel is a VPN protocol software from TrustTunnel Open Source. TrustTunnel 0.9.114 has a code problem loophole, which stems from incomplete SSR protection and may lead to bypassing private network restrictions and accessing loops or private targets.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

TrustTunnel

Published

2026-01-29

Last Modified

2026-02-24

References

https://github.com/TrustTunnel/TrustTunnel/commit/734bb5cf103b72390a95c853cbf91e699cc01bc0 https://github.com/TrustTunnel/TrustTunnel/security/advisories/GHSA-hgr9-frvw-5r76

Patch

https://github.com/TrustTunnel/TrustTunnel/releases