2 matches found
CVE-2020-25200
Pritunl 1.29.2145.25 allows attackers to enumerate valid VPN usernames via a series of /auth/session login attempts. Initially, the server will return error 401. However, if the username is valid, then after 20 login attempts, the server will start responding with error 400. Invalid usernames wil...
PT-2025-94: Local Privilege Escalation in Pritunl
The vulnerability was identified in Pritunl, version 1.3.4099.99. The discovered vulnerability allows an attacker to escalate privileges from a normal user to root. Vulnerability status: Confirmed by vendor Date of vulnerability remediation: 03.04.2025 Recommendations: Update to version 1.3.4220....