Description
TrustTunnel is an open-source VPN protocol with a rule bypass issue in versions prior to 0.9.115. In `tls_listener.rs`, `TlsListener::listen()` peeks 1024 bytes and calls `extract_client_random(...)`. If `parse_tls_plaintext` fails (for example, a fragmented/partial ClientHello split across TCP writes), `extract_client_random` returns `None`. In `rules.rs`, `RulesEngine::evaluate` only evaluates `client_random_prefix` when `client_random` is `Some(...)`. As a result, when extraction fails (`client_random == None`), any rule that relies on `client_random_prefix` matching is skipped and evaluation falls through to later rules. As an important semantics note: `client_random_prefix` is a match condition only. It does not mean "block non-matching prefixes" by itself. A rule with `client_random_prefix = ...` triggers its `action` only when the prefix matches (and the field is available to evaluate). Non-matches (or `None`) simply do not match that rule and continue to fall through. The vulnerability is fixed in version 0.9.115.
Published: 2026-01-29
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Bypass security rules
Action: Patch
AI Analysis

Impact

A flaw in TrustTunnel's TLS listener causes extraction of the ClientHello `client_random` field to fail when the ClientHello is split across multiple TCP segments: `TlsListener::listen()` peeks 1024 bytes, and if those bytes do not contain a complete TLS record, `extract_client_random` returns `None`. The rules engine evaluates a `client_random_prefix` condition only when a value is available; on `None` the rule is skipped and evaluation falls through to the later rules. An unauthenticated remote client can therefore deliberately fragment its ClientHello to step past any rule keyed on `client_random_prefix` and land on whatever later rule applies, which may be more permissive than the operator intended. The issue is classified as CWE-284 (Improper Access Control).
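The mechanism the Description and the Impact summary walk through, as an added example that is not TrustTunnel's code: a minimal parser that returns `None` when the peeked buffer holds only part of the ClientHello record, the pre-0.9.115 evaluation semantics in which a `client_random_prefix` rule is skipped on `None`, and a fail-closed variant for comparison. The sample ClientHello bytes, the `Tunnel`/`Reject` actions, the two-rule configuration and the fail-closed strategy are constructed assumptions for illustration; the actual change shipped in 0.9.115 is not reproduced here.

```rust
// Added illustration, not TrustTunnel's code. Constructed assumptions: the
// ClientHello bytes, the Tunnel/Reject actions, and the fail-closed strategy.
const RANDOM_LEN: usize = 32;

/// Return the 32-byte client_random from a buffer that should hold a complete TLS
/// record carrying a ClientHello. As the CVE describes, a partial record (e.g. only
/// the first TCP segment of a fragmented ClientHello) yields None.
pub fn extract_client_random(buf: &[u8]) -> Option<[u8; RANDOM_LEN]> {
    // Record header: content type 0x16 (handshake), version (2), length (2)
    if buf.len() < 5 || buf[0] != 0x16 {
        return None;
    }
    let rec_len = u16::from_be_bytes([buf[3], buf[4]]) as usize;
    let body = buf.get(5..5 + rec_len)?; // None while the record is still partial
    // Handshake header: type 0x01 (ClientHello), 3-byte big-endian length
    if body.len() < 4 || body[0] != 0x01 {
        return None;
    }
    let hs_len = (body[1] as usize) << 16 | (body[2] as usize) << 8 | body[3] as usize;
    let hello = body.get(4..4 + hs_len)?;
    // ClientHello body: client_version (2) followed by the 32-byte random
    let mut out = [0u8; RANDOM_LEN];
    out.copy_from_slice(hello.get(2..2 + RANDOM_LEN)?);
    Some(out)
}

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum Action { Tunnel, Reject }

pub struct Rule {
    pub client_random_prefix: Option<Vec<u8>>, // match condition only
    pub action: Action,
}

/// Pre-0.9.115 semantics as the CVE describes them: a prefix rule is consulted only
/// when client_random is Some; on None it is skipped and evaluation falls through.
pub fn evaluate_vulnerable(rules: &[Rule], client_random: Option<&[u8]>) -> Option<Action> {
    for rule in rules {
        match (&rule.client_random_prefix, client_random) {
            (Some(prefix), Some(random)) if random.starts_with(prefix) => return Some(rule.action),
            (Some(_), _) => continue, // no match, or field unavailable: fall through
            (None, _) => return Some(rule.action), // unconditional rule
        }
    }
    None
}

/// Fail-closed variant (an assumption for illustration, not the 0.9.115 fix): if any
/// rule needs client_random and it could not be extracted, reject rather than let the
/// connection fall through to a later, possibly more permissive, rule.
pub fn evaluate_fail_closed(rules: &[Rule], client_random: Option<&[u8]>) -> Option<Action> {
    let needs_random = rules.iter().any(|r| r.client_random_prefix.is_some());
    if needs_random && client_random.is_none() {
        return Some(Action::Reject);
    }
    evaluate_vulnerable(rules, client_random)
}

/// Constructed sample: a 50-byte TLS record holding a minimal ClientHello with one
/// cipher suite and no extensions.
pub fn sample_client_hello(random: [u8; RANDOM_LEN]) -> Vec<u8> {
    let mut hello = vec![0x03, 0x03]; // client_version
    hello.extend_from_slice(&random); // client_random
    hello.push(0x00); // session_id length 0
    hello.extend_from_slice(&[0x00, 0x02, 0x13, 0x01]); // cipher_suites: TLS_AES_128_GCM_SHA256
    hello.extend_from_slice(&[0x01, 0x00]); // compression_methods: null
    let n = hello.len();
    let mut body = vec![0x01, (n >> 16) as u8, (n >> 8) as u8, n as u8];
    body.extend_from_slice(&hello);
    let mut record = vec![0x16, 0x03, 0x01, (body.len() >> 8) as u8, body.len() as u8];
    record.extend_from_slice(&body);
    record
}

/// Constructed rule set: reject clients whose random starts with AA BB, else tunnel.
pub fn sample_rules() -> Vec<Rule> {
    vec![
        Rule { client_random_prefix: Some(vec![0xAA, 0xBB]), action: Action::Reject },
        Rule { client_random_prefix: None, action: Action::Tunnel },
    ]
}

fn main() {
    let mut random = [0x11u8; RANDOM_LEN];
    random[..2].copy_from_slice(&[0xAA, 0xBB]);
    let full = sample_client_hello(random);
    let rules = sample_rules();
    // A 1024-byte peek sees the whole record only if the client sent it in one write;
    // a client that first writes 20 bytes is seen as a partial record.
    for (label, buf) in [("complete ClientHello", &full[..]), ("first 20-byte segment", &full[..20])] {
        let cr = extract_client_random(buf);
        let cr_slice = cr.as_ref().map(|r| r.as_slice());
        println!("{label}: extracted={} vulnerable={:?} fail_closed={:?}", cr.is_some(),
            evaluate_vulnerable(&rules, cr_slice), evaluate_fail_closed(&rules, cr_slice));
    }
}
```

With the complete record both evaluators reject the AA BB client; with only the first 20 bytes the vulnerable evaluator skips the prefix rule and falls through to `Tunnel`, while the fail-closed evaluator refuses to decide on a field it could not read. Whichever strategy a listener adopts, the point is that "could not extract" must not be treated as "did not match" when a later rule is more permissive.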

Affected Systems

The vulnerability affects TrustTunnel releases older than 0.9.115 (tracked under vendor Adguard, product trusttunnel). The affected code is the TLS listener (`tls_listener.rs`) together with the rules engine (`rules.rs`), that is, the endpoint that accepts inbound TLS connections and evaluates `client_random_prefix` rules against them.

Risk and Exploitability

The CVSS v3.1 base score is 5.3 (Medium; vector AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N), so the rated impact is limited to a low loss of confidentiality. The EPSS score is below 1%, suggesting low exploitation probability at present, and the vulnerability is not listed in the CISA KEV catalog; the SSVC assessment recorded in the history below lists Exploitation as `poc` and Automatable as `yes`. Any client that can reach a TrustTunnel listener over the network can trigger the flaw by splitting its ClientHello across TCP writes so that the first 1024-byte peek does not contain a complete record; no credentials, user interaction, or other preconditions are required.

Generated by OpenCVE AI on April 18, 2026 at 14:31 UTC.

Remediation

The vendor fix is TrustTunnel 0.9.115, which corrects `client_random` extraction and rule evaluation. No standalone workaround is published; the recommended actions below list configuration-level mitigations for deployments that cannot upgrade immediately.

OpenCVE Recommended Actions

  • Upgrade TrustTunnel to version 0.9.115 or later, which contains the fix for client_random extraction and rule evaluation.
  • If an upgrade cannot be performed immediately, review rule configurations so that no security decision depends solely on a `client_random_prefix` match: make the rule that follows any prefix-keyed rule an explicit deny (or otherwise non-permissive) default, so that a connection whose `client_random` could not be extracted does not fall through to a permissive action.
  • Monitor VPN logs for anomalous TLS handshake failures and unexpected rule bypass incidents, and audit rule evaluation paths for compliance with intended security policies.

Advisories

No advisories yet.

History

Fri, 20 Feb 2026 21:00:00 +0000

Type                   Values Removed   Values Added
First Time appeared                     Adguard
                                        Adguard trusttunnel
CPEs                                    cpe:2.3:a:adguard:trusttunnel:*:*:*:*:*:*:*:*
Vendors & Products                      Adguard
                                        Adguard trusttunnel

Fri, 30 Jan 2026 09:00:00 +0000

Type                   Values Removed   Values Added
First Time appeared                     Trusttunnel
                                        Trusttunnel trusttunnel
Vendors & Products                      Trusttunnel
                                        Trusttunnel trusttunnel

Thu, 29 Jan 2026 22:15:00 +0000

Type                   Values Removed   Values Added
Metrics                                 ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 29 Jan 2026 21:30:00 +0000

Type                   Values Removed   Values Added
Description                             (the CVE description shown at the top of this page)
Title                                   TrustTunnel has `client_random_prefix` rule bypass via fragmented or partial TLS ClientHello
Weaknesses                              CWE-284
References
Metrics                                 cvssV3_1: {'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-01-29T21:34:31.465Z

Reserved: 2026-01-27T19:35:20.530Z

Link: CVE-2026-24904

Vulnrichment

Updated: 2026-01-29T21:34:17.709Z

NVD

Status: Analyzed

Published: 2026-01-29T22:15:55.047

Modified: 2026-02-20T20:58:09.620

Link: CVE-2026-24904

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T14:45:03Z

Weaknesses