CVE-2018-9105

NordVPN 3.3.10 for macOS suffers from a root privilege escalation vulnerability. The vulnerability stems from its privileged helper tool's implemented XPC service. This XPC service is responsible for receiving and processing new OpenVPN connection requests from the main application. Unfortunately...

EUVD-2018-2248

Malware in sbrugna...

CVE-2018-10170

NordVPN 6.12.7.0 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "nordvpn-service" service. This service establishes an NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The "Connect" method accepts a...

The vulnerability of the NordVPN software for accessing VPN services arises from the lack of measures taken to neutralize special elements used in the operating system’s command set. This allows a malicious user to execute arbitrary commands or code with SYSTEM privileges.

The vulnerability of NordVPN’s software for accessing VPN services arises from the lack of measures taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands or code with SYSTEM privileges,...