2380 matches found

CVE
added 2020/04/14 1:48 p.m. | 53 views

CVE-2020-5739

Affected product: Grandstream GXP1600 series firmware

9 CVSS | 8.7 AI score | 0.05339 EPSS
Exploits 1 | References 1 | Affected Software 1
Cvelist
added 2020/04/14 1:48 p.m. | 26 views

CVE-2020-5739

Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an attacker adds an OpenVPN up script to the phone's VPN settings via the "Additional Settings" field in the web interface. When the VPN's connection is established, the user defin...

8.8 AI score | 0.05339 EPSS
Exploits 1 | References 1
FreeBSD
added 2020/04/13 12:0 a.m. | 27 views

openvpn -- illegal client float can break VPN session for other users

Lev Stipakov and Gert Doering report: There is a time frame between allocating peer-id and initializing data channel key which is performed on receiving push request or on async push-reply in which the existing peer-id float checks do not work right. If a "rogue" data channel packet arrives durin...

4.3 CVSS | 1.2 AI score | 0.01609 EPSS
Exploits 1 | References 5
Metasploit
added 2020/04/04 2:0 a.m. | 72 views

Windows Unquoted Service Path Privilege Escalation

This module exploits a logic flaw due to how the lpApplicationName parameter is handled. When the lpApplicationName contains a space, the file name is ambiguous. Take this file path as example: C:\program files\hello.exe; The Windows API will try to interpret this as two possible paths:...

7.1 AI score
Exploits 0
The Hacker News
added 2020/03/18 8:35 a.m. | 91 views

TrickBot Now Exploits Infected PCs to Launch RDP Brute Force Attacks

A new module for the TrickBot banking Trojan has recently been discovered in the wild that lets attackers leverage compromised systems to launch brute-force attacks against selected Windows systems running a Remote Desktop Protocol (RDP) connection exposed to the Internet. The module, dubbed...

0.6 AI score
Exploits 0
ThreatPost
added 2020/03/02 5:14 p.m. | 45 views

TrickBot Adds ActiveX Control, Hides Dropper in Images

The TrickBot banking trojan has gotten trickier, with the addition of a Windows 10 ActiveX control to execute malicious macros in boobytrapped documents. Michael Gorelik, researcher at Morphisec Labs, said that at least two dozen documents have come to light in the last few weeks that use ActiveX...

0.7 AI score
Exploits 0 | References 9
NVD
added 2020/02/28 2:15 p.m. | 17 views

CVE-2020-9442

OpenVPN Connect 3.1.0.361 on Windows has Insecure Permissions for %PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10, which allows local users to gain privileges by copying a malicious drvstore.dll there...

7.8 CVSS | 7.7 AI score | 0.00642 EPSS
Exploits 1 | References 1
OSV
added 2020/02/28 2:15 p.m. | 4 views

CVE-2020-9442

OpenVPN Connect 3.1.0.361 on Windows has Insecure Permissions for %PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10, which allows local users to gain privileges by copying a malicious drvstore.dll there...

7.8 CVSS | 7.1 AI score | 0.00642 EPSS
Exploits 1 | References 1
Prion
added 2020/02/28 2:15 p.m. | 14 views

Design/Logic Flaw

OpenVPN Connect 3.1.0.361 on Windows has Insecure Permissions for %PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10, which allows local users to gain privileges by copying a malicious drvstore.dll there...

7.2 CVSS | 7.7 AI score | 0.00642 EPSS
Exploits 1 | References 1 | Affected Software 1
CVE
added 2020/02/28 1:40 p.m. | 474 views

CVE-2020-9442

OpenVPN Connect 3.1.0.361 for Windows stores a TAP driver DLL under %PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10, and insecure file permissions allow local users to copy a malicious drvstore.dll to gain privileges. This CVE (CVE-2020-9442) is documented with a local-privilege-escalation ...

7.8 CVSS | 7.6 AI score | 0.00642 EPSS
Exploits 1 | References 1 | Affected Software 1
Cvelist
added 2020/02/28 1:40 p.m. | 21 views

CVE-2020-9442

OpenVPN Connect 3.1.0.361 on Windows has Insecure Permissions for %PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10, which allows local users to gain privileges by copying a malicious drvstore.dll there...

7.7 AI score | 0.00642 EPSS
Exploits 1 | References 1
ATTACKERKB
added 2020/02/28 12:0 a.m. | 29 views

CVE-2020-9442

OpenVPN Connect 3.1.0.361 on Windows has Insecure Permissions for %PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10, which allows local users to gain privileges by copying a malicious drvstore.dll there. Recent assessments: wolfthefallen at February 28, 2020 10:58pm UTC reported: Research of...

7.8 CVSS | 8 AI score | 0.00642 EPSS
Exploits 1 | References 2
CNVD
added 2020/02/14 12:0 a.m. | 4 views

Unspecified Vulnerability in OpenVPN Access Server

OpenVPN is a software package from the American company OpenVPN for creating encrypted tunnels for virtual private networks (VPNs) that use the OpenSSL library to encrypt data and control information. OpenVPN Access Server is a commercial paid version of OpenVPN. A security vulnerability exists in...

9.8 CVSS | 6.7 AI score | 0.01336 EPSS
Exploits 0 | References 1
OSV
added 2020/02/13 4:15 a.m. | 1 views

CVE-2020-8953

OpenVPN Access Server 2.8.x before 2.8.1 allows LDAP authentication bypass except when a user is enrolled in two-factor authentication...

9.8 CVSS | 7.3 AI score
Exploits 0 | References 1
NVD
added 2020/02/13 4:15 a.m. | 9 views

CVE-2020-8953

OpenVPN Access Server 2.8.x before 2.8.1 allows LDAP authentication bypass except when a user is enrolled in two-factor authentication...

9.8 CVSS | 9.7 AI score | 0.01336 EPSS
Exploits 0 | References 1
Prion
added 2020/02/13 4:15 a.m. | 10 views

Authentication flaw

OpenVPN Access Server 2.8.x before 2.8.1 allows LDAP authentication bypass except when a user is enrolled in two-factor authentication...

7.5 CVSS | 9.6 AI score | 0.01336 EPSS
Exploits 0 | References 1 | Affected Software 1
UbuntuCve
added 2020/02/13 4:15 a.m. | 16 views

CVE-2020-8953

OpenVPN Access Server 2.8.x before 2.8.1 allows LDAP authentication bypass except when a user is enrolled in two-factor authentication...

9.8 CVSS | 7.2 AI score | 0.01336 EPSS
Exploits 0 | References 2
Cvelist
added 2020/02/13 3:13 a.m. | 19 views

CVE-2020-8953

OpenVPN Access Server 2.8.x before 2.8.1 allows LDAP authentication bypass except when a user is enrolled in two-factor authentication...

9.7 AI score | 0.01336 EPSS
Exploits 0 | References 1
CVE
added 2020/02/13 3:13 a.m. | 101 views

CVE-2020-8953

CVE-2020-8953 affects OpenVPN Access Server 2.8.x prior to 2.8.1, where an LDAP authentication bypass is possible unless the user is enrolled in two-factor authentication. The description explicitly identifies the affected product/version and the root cause as an LDAP authentication bypass, enabl...

9.8 CVSS | 9.5 AI score | 0.01336 EPSS
Exploits 0 | References 1 | Affected Software 1
ATTACKERKB
added 2020/02/13 12:0 a.m. | 18 views

Inferring and hijacking VPN-tunneled TCP connections

We have discovered a vulnerability in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android which allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and...

0.6 AI score
Exploits 0 | References 2