32 matches found
CVE-2021-31776
Aviatrix VPN Client before 2.14.14 on Windows has an unquoted search path that enables local privilege escalation to the SYSTEM user, if the machine is misconfigured to allow unprivileged users to write to directories that are supposed to be restricted to administrators...
EUVD-2021-18660
Malware in sbrugna...
EUVD-2020-20077
Malware in sbrugna...
EUVD-2020-5671
Malware in sbrugna...
EUVD-2019-7791
Malware in sbrugna...
EUVD-2019-7792
Malware in sbrugna...
CVE-2019-17387
An authentication flaw in the AVPNCRP service in Aviatrix VPN Client through 2.2.10 allows an attacker to gain elevated privileges through arbitrary code execution on Windows, Linux, and macOS...
CVE-2019-17388
Weak file permissions applied to the Aviatrix VPN Client through 2.2.10 installation directory on Windows and Linux allow a local attacker to execute arbitrary code by gaining elevated privileges through file modifications...
CVE-2021-31776
Aviatrix VPN Client before 2.14.14 on Windows has an unquoted search path that enables local privilege escalation to the SYSTEM user, if the machine is misconfigured to allow unprivileged users to write to directories that are supposed to be restricted to administrators...
CVE-2021-31776
Aviatrix VPN Client before 2.14.14 on Windows has an unquoted search path that enables local privilege escalation to the SYSTEM user, if the machine is misconfigured to allow unprivileged users to write to directories that are supposed to be restricted to administrators...
Design/Logic Flaw
Aviatrix VPN Client before 2.14.14 on Windows has an unquoted search path that enables local privilege escalation to the SYSTEM user, if the machine is misconfigured to allow unprivileged users to write to directories that are supposed to be restricted to administrators...
CVE-2021-31776
Aviatrix VPN Client before 2.14.14 on Windows has an unquoted search path that enables local privilege escalation to the SYSTEM user, if the machine is misconfigured to allow unprivileged users to write to directories that are supposed to be restricted to administrators...
CVE-2020-27569
Arbitrary File Write exists in Aviatrix VPN Client 2.8.2 and earlier. The VPN service writes logs to a location that is world writable and can be leveraged to gain write access to any file on the system...
CVE-2020-27569
Arbitrary File Write exists in Aviatrix VPN Client 2.8.2 and earlier. The VPN service writes logs to a location that is world writable and can be leveraged to gain write access to any file on the system...
Design/Logic Flaw
Arbitrary File Write exists in Aviatrix VPN Client 2.8.2 and earlier. The VPN service writes logs to a location that is world writable and can be leveraged to gain write access to any file on the system...
CVE-2020-27569
The CVE-2020-27569 entry concerns Aviatrix VPN Client 2.8.2 and earlier, where the VPN service writes logs to a world-writable location, enabling arbitrary file write with potential to modify any file on the system. The connected OSV entries corroborate the same description; no exploitation detai...
CVE-2020-27569
Arbitrary File Write exists in Aviatrix VPN Client 2.8.2 and earlier. The VPN service writes logs to a location that is world writable and can be leveraged to gain write access to any file on the system...
CVE-2020-27569
Arbitrary File Write exists in Aviatrix VPN Client 2.8.2 and earlier. The VPN service writes logs to a location that is world writable and can be leveraged to gain write access to any file on the system...
Aviatrix VPN Client Code Execution Vulnerability
Aviatrix VPN Client is a VPN Virtual Private Network client application that provides SAML authentication. A security vulnerability exists in Aviatrix VPN Client versions prior to 2.10.7. An attacker can exploit the vulnerability to execute code...
CVE-2020-13417
An Elevation of Privilege issue was discovered in Aviatrix VPN Client before 2.10.7, because of an incomplete fix for CVE-2020-7224. This affects Linux, macOS, and Windows installations for certain OpenSSL parameters...