Pritunl VPN Server 1.29.2145.25 - Username Enumeration

Pritunl 1.29.2145.25 contains a username enumeration issue caused by different error responses in /auth/session login attempts, letting attackers verify valid usernames, exploit requires network access to the login endpoint. id: CVE-2020-25200 info: name: Pritunl VPN Server 1.29.2145.25 - Usernam...

CLEANSTART-2026-MW52599 OpenVPN version 2

Multiple security vulnerabilities affect the pritunl package. OpenVPN version 2. See references for individual vulnerability details...

CLEANSTART-2026-DC27717 OpenVPN version 2

Multiple security vulnerabilities affect the pritunl package. OpenVPN version 2. See references for individual vulnerability details...

EUVD-2016-7944

Malware in sbrugna...

EUVD-2016-7943

Malware in sbrugna...

EUVD-2020-18619

Malware in sbrugna...

EUVD-2020-20029

Malware in sbrugna...

EUVD-2025-11944

Malicious code in bioql PyPI...

EUVD-2022-30043

Malicious code in bioql PyPI...

CVE-2022-25372

Pritunl Client through 1.2.3019.52 on Windows allows local privilege escalation, related to an ACL entry for CREATOR OWNER in platformwindows.go...

CVE-2020-25200

Pritunl 1.29.2145.25 allows attackers to enumerate valid VPN usernames via a series of /auth/session login attempts. Initially, the server will return error 401. However, if the username is valid, then after 20 login attempts, the server will start responding with error 400. Invalid usernames wil...

CVE-2016-7063

A flaw was found in pritunl-client before version 1.0.1116.6. Arbitrary write to user specified path may lead to privilege escalation...

CVE-2016-7064

A flaw was found in pritunl-client before version 1.0.1116.6. A lack of signature verification leads to sensitive information leakage...

CVE-2025-43917

In Pritunl Client before 1.3.4220.57, an administrator with access to /Applications can escalate privileges after uninstalling the product. Specifically, an administrator can insert a new file at the pathname of the removed pritunl-service file. This file then is executed by a LaunchDaemon as roo...

CVE-2025-43917

In Pritunl Client before 1.3.4220.57, an administrator with access to /Applications can escalate privileges after uninstalling the product. Specifically, an administrator can insert a new file at the pathname of the removed pritunl-service file. This file then is executed by a LaunchDaemon as roo...

CVE-2025-43917

In Pritunl Client before 1.3.4220.57, an administrator with access to /Applications can escalate privileges after uninstalling the product. Specifically, an administrator can insert a new file at the pathname of the removed pritunl-service file. This file then is executed by a LaunchDaemon as roo...

Pritunl Client 安全漏洞

Pritunl Client is an open source VPN client from Pritunl. A security vulnerability exists in Pritunl Client versions prior to 1.3.4220.57, which stems from improper privilege management and could lead to elevated privileges...

CVE-2025-43917

Summary: CVE-2025-43917 affects Pritunl Client on macOS prior to 1.3.4220.57. An administrator with access to /Applications can escalate privileges after uninstall by inserting a new file at the pathname of the removed pritunl-service, which is then executed by a LaunchDaemon as root. Root cause:...

CVE-2025-43917

In Pritunl Client before 1.3.4220.57, an administrator with access to /Applications can escalate privileges after uninstalling the product. Specifically, an administrator can insert a new file at the pathname of the removed pritunl-service file. This file then is executed by a LaunchDaemon as roo...

PT-2025-94: Local Privilege Escalation in Pritunl

The vulnerability was identified in Pritunl, version 1.3.4099.99. The discovered vulnerability allows an attacker to escalate privileges from a normal user to root. Vulnerability status: Confirmed by vendor Date of vulnerability remediation: 03.04.2025 Recommendations: Update to version 1.3.4220....