32 matches found
CVE-2018-18858
Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client through 1.37 for macOS. An attacker can communicate with an unprotected XPC service and directly execute arbitrary OS commands as root or load a potentially malicious kernel extension because...
CVE-2018-18858
CVE-2018-18858 describes multiple local privilege escalation flaws in the LiquidVPN for macOS client (up to v1.37). The issue arises because com.smr.liquidvpn.OVPNHelper uses the system function to execute the path in a shell command, enabling an unprotected XPC service to run arbitrary OS comman...
CVE-2018-18856
CVE-2018-18856 concerns local privilege escalation in the LiquidVPN for macOS client (through version 1.37). The description states that an attacker can interact with an unprotected XPC service and directly execute arbitrary OS commands as root, or load a potentially malicious kernel extension, b...
CVE-2018-18857
Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client through 1.37 for macOS. An attacker can communicate with an unprotected XPC service and directly execute arbitrary OS commands as root or load a potentially malicious kernel extension because...
LiquidVPN For macOS elevation of privilege vulnerability (CNVD-2018-22843)
LiquidVPN For MacOS is a VPN software for anonymous access to the Internet based on the MacOS platform. An elevation of privilege vulnerability exists in the 'anycmd' parameter in LiquidVPN For MacOS 1.37 and 1.36 and earlier versions. An attacker can exploit this vulnerability to gain elevated...
LiquidVPN For macOS Design Vulnerability
LiquidVPN For MacOS is a VPN software for anonymous access to the Internet based on the MacOS platform. A security vulnerability exists in LiquidVPN For MacOS 1.37 and 1.36 and earlier versions. An attacker can exploit the vulnerability to directly install arbitrary kernel extensions...
LiquidVPN For macOS Operating System Command Injection Vulnerability
LiquidVPN For MacOS is a VPN software for anonymous access to the Internet based on the MacOS platform. An OS command injection vulnerability exists in LiquidVPN For MacOS 1.37 and 1.36 and earlier versions, which stems from the program's failure to filter parameters passed to the 'system'...
LiquidVPN For macOS Elevation of Privilege Vulnerability
LiquidVPN For MacOS is a VPN software for anonymous access to the Internet based on the MacOS platform. An elevation of privilege vulnerability exists in the 'openvpncmd' parameter in LiquidVPN For MacOS 1.37 and 1.36 and earlier versions. An attacker can exploit this vulnerability to gain elevat...
LiquidVPN 1.36 1.37 - Privilege Escalation
LiquidVPN 1.36 1.37 - Privilege Escalation / ======================================================================= Title: Multiple Privilege Escalation Vulnerabilities Product: LiquidVPN for MacOS Vulnerable versions: 1.37, 1.36 and earlier CVE IDs: CVE-2018-18856, CVE-2018-18857, CVE-2018-1885...
LiquidVPN For macOS 1.3.7 Privilege Escalation Vulnerability
LiquidVPN for macOS versions 1.3.7 and below suffer from privilege escalation vulnerabilities. ======================================================================= Title: Multiple Privilege Escalation Vulnerabilities Product: LiquidVPN for MacOS Vulnerable versions: 1.37, 1.36 and earlier CVE...
LiquidVPN 1.36 / 1.37 - Privilege Escalation
/ ======================================================================= Title: Multiple Privilege Escalation Vulnerabilities Product: LiquidVPN for MacOS Vulnerable versions: 1.37, 1.36 and earlier CVE IDs: CVE-2018-18856, CVE-2018-18857, CVE-2018-18858, CVE-2018-18859 Impact: Critical Homepage...
LiquidVPN For macOS 1.3.7 Privilege Escalation
======================================================================= Title: Multiple Privilege Escalation Vulnerabilities Product: LiquidVPN for MacOS Vulnerable versions: 1.37, 1.36 and earlier CVE IDs: CVE-2018-18856, CVE-2018-18857, CVE-2018-18858, CVE-2018-18859 Impact: Critical Homepage:...