Description

Letmein is an authenticating port knocker. Prior to version 10.2.1, The connection limiter is implemented incorrectly. It allows an arbitrary amount of simultaneously incoming connections (TCP, UDP and Unix socket) for the services letmeind and letmeinfwd. Therefore, the command line option num-connections is not effective and does not limit the number of simultaneously incoming connections. This issue has been patched in version 10.2.1.

INFO

Published Date :

2025-06-24T03:13:29.370Z

Last Modified :

2025-06-24T14:42:51.785Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-52570 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-52570.

URL Resource
https://github.com/mbuesch/letmein/commit/43207cd77580410d97165d1e3c07361ba6f3558c cve-icon cve-icon
https://github.com/mbuesch/letmein/security/advisories/GHSA-jpv7-p47h-f43j cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability