Lucene search
K

49 matches found

Packet Storm
Packet Storm
added 2022/03/23 12:0 a.m.217 views

ProtonVPN 1.26.0 Unquoted Service Path

Exploit Title: ProtonVPN 1.26.0 - Unquoted Service Path Date: 22/03/2022 Exploit Author: gemreda @gemredax Vendor Homepage: https://protonvpn.com/ Software Link: https://protonvpn.com/ Version: 1.26.0 Tested: Windows 10 x64 Contact: [email protected] PS C:\Users\Emre sc.exe qc "ProtonVPN Wireguard" ...

0.2AI score
Exploits0
0day.today
0day.today
added 2022/03/23 12:0 a.m.219 views

ProtonVPN 1.26.0 - Unquoted Service Path Vulnerability

Exploit Title: ProtonVPN 1.26.0 - Unquoted Service Path Exploit Author: gemreda @gemredax Vendor Homepage: https://protonvpn.com/ Software Link: https://protonvpn.com/ Version: 1.26.0 Tested: Windows 10 x64 Contact: email protected PS C:\Users\Emre sc.exe qc "ProtonVPN Wireguard" SC...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/03/23 12:0 a.m.337 views

ProtonVPN 1.26.0 - Unquoted Service Path

Exploit Title: ProtonVPN 1.26.0 - Unquoted Service Path Date: 22/03/2022 Exploit Author: gemreda @gemredax Vendor Homepage: https://protonvpn.com/ Software Link: https://protonvpn.com/ Version: 1.26.0 Tested: Windows 10 x64 Contact: [email protected] PS C:\Users\Emre sc.exe qc "ProtonVPN Wireguard" ...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2021/05/26 3:30 p.m.283 views

Data Wiper Malware Disguised As Ransomware Targets Israeli Entities

Researchers on Tuesday disclosed a new espionage campaign that resorts to destructive data-wiping attacks targeting Israeli entities at least since December 2020 that camouflage the malicious activity as ransomware extortions. Cybersecurity firm SentinelOne attributed the attacks to a nation-stat...

9.8CVSS1.5AI score0.99999EPSS
Exploits22
ThreatPost
ThreatPost
added 2021/05/25 8:26 p.m.53 views

‘Agrius’ APT Launches Wiper Attacks Against Israelis

A new attack group called Agrius is launching damaging wiper attacks against Israeli targets, which researchers said are hiding behind ransomware to make their state-sponsored activities appear financially motivated. Sentinel Labs analysts said they have been tracking Agrius’ operations in Israel...

7.8AI score
Exploits0References9
ThreatPost
ThreatPost
added 2021/03/24 8:53 p.m.53 views

ProtonVPN CEO Blasts Apple for 'Aiding Tyrants’ in Myanmar

In a blog post filled with a passionate defense of human rights and internet privacy, Andy Yen, the CEO of secure internet provider ProtonVPN, blasted Apple for blocking its latest update and accused the tech juggernaut of helping the global spread of authoritarianism by “giving in to tyrants.” Y...

6.9AI score
Exploits0References13
Kitploit
Kitploit
added 2021/01/12 8:30 p.m.200 views

ProtOSINT - A Python Script That Helps You Investigate Protonmail Accounts And ProtonVPN IP Addresses

ProtOSINT is a Python script that helps you investigate ProtonMail accounts and ProtonVPN IP addresses. Description This tool can help you in your OSINT investigation on Proton service for educational purposes only. ProtOSINT is separated in 3 sub-modules: 1 Test the validity of one protonmail...

7AI score
Exploits0References1
ThreatPost
ThreatPost
added 2020/03/27 2:43 p.m.68 views

Apple Unpatched VPN Bypass Bug Impacts iOS 13, Warn Researchers

An unpatched bug in the latest version of Apple’s iOS is blocking virtual private network VPN applications from cloaking some private data transmitted between a device and the servers they are requesting data from. While the bug remains unpatched, Apple is suggesting steps users can take to reduc...

7.3AI score
Exploits0References14
HackRead
HackRead
added 2020/02/19 2:29 p.m.33 views

Hackers clone ProtonVPN website to drop password stealer malware

By Sudais Asif Currently, ProtonVPN has more than 2 million users around the world and that makes it a lucrative target for cybercriminals. This is a post from HackRead.com Read the original post: Hackers clone ProtonVPN website to drop password stealer malware...

2.1AI score
Exploits0
Securelist
Securelist
added 2020/02/18 10:0 a.m.61 views

AZORult spreads as a fake ProtonVPN installer

AZORult has its history. However, a few days ago, we discovered what appears to be one of its most unusual campaigns: abusing the ProtonVPN service and dropping malware via fake ProtonVPN installers for Windows. Screenshot of a fake ProtonVPN website The campaign started at the end of November 20...

1.3AI score
Exploits0
The Hacker News
The Hacker News
added 2018/11/20 12:46 p.m.291 views

Safeguard Your Data And Privacy Online With This Award-Winning VPN

It seems as though not a day goes by without a new story breaking about a high-level cyber attack on a major corporation or national government. Hackers are becoming increasingly adept at breaking through a variety of super-secure firewalls, and they're not just after the riches of Fortune 500...

0.3AI score
Exploits0
HackRead
HackRead
added 2018/10/23 3:30 p.m.92 views

ProtonVPN Subscriptions Now Available on Firefox for $10

By Waqas Mozilla has announced that it will be launching an experimental feature in the new version of Firefox that will offer ProtonVPN subscriptions. The feature, however, will be accessible by users only after they subscribe for a monthly package. It is basically, a subscription-based VPN...

1.7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2018/09/21 12:0 a.m.9 views

The vulnerability of ProtonVPN’s software for accessing VPN services arises from the lack of measures taken to neutralize special elements used in the operating system’s command set. This allows a malicious user to execute arbitrary commands or code with SYSTEM privileges.

The vulnerability of ProtonVPN’s software for accessing VPN services arises from the lack of measures taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands or code with SYSTEM privilege...

8.8CVSS6AI score0.04651EPSS
Exploits1References4Affected Software1
CNVD
CNVD
added 2018/09/11 12:0 a.m.4 views

ProtonVPN VPN client code execution vulnerability

ProtonVPN VPN client is a free VPN client application for anonymous access to the Internet. A code execution vulnerability exists in the linking feature of ProtonVPN VPN client version 1.5.1, which can be exploited to execute arbitrary commands with system privileges with the help of a specially...

9.3CVSS8.7AI score0.04651EPSS
Exploits1References1
ThreatPost
ThreatPost
added 2018/09/10 7:39 p.m.23 views

ProtonVPN, NordVPN Flaws Open Door to Privilege Escalation

UPDATE A pair of vulnerabilities in the ProtonVPN and NordVPN VPN clients have been uncovered, which allow attackers to execute code as an administrator on targeted Microsoft Windows machines. In both cases CVE-2018-3952 NordVPN and CVE-2018-4010 ProntonVPN, the clients have the same design,...

10CVSS8.6AI score0.04651EPSS
Exploits2References6
OSV
OSV
added 2018/09/07 3:29 p.m.2 views

CVE-2018-4010

An exploitable code execution vulnerability exists in the connect functionality of ProtonVPN VPN client 1.5.1. A specially crafted configuration file can cause a privilege escalation, resulting in the ability to execute arbitrary commands with the system's privileges...

7.8CVSS6.3AI score0.04651EPSS
Exploits1References2
NVD
NVD
added 2018/09/07 3:29 p.m.16 views

CVE-2018-4010

An exploitable code execution vulnerability exists in the connect functionality of ProtonVPN VPN client 1.5.1. A specially crafted configuration file can cause a privilege escalation, resulting in the ability to execute arbitrary commands with the system's privileges...

9.3CVSS8.4AI score0.04651EPSS
Exploits1References2
CVE
CVE
added 2018/09/07 3:0 p.m.66 views

CVE-2018-4010

CVE-2018-4010 affects ProtonVPN VPN Client 1.5.1. A vulnerability in the connect flow allows a specially crafted OpenVPN configuration to trigger a privilege escalation, enabling code execution with system privileges. The root cause involves how OpenVPN configuration lines (e.g., plugin, script-s...

9.3CVSS8AI score0.04651EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2018/09/07 3:0 p.m.27 views

CVE-2018-4010

An exploitable code execution vulnerability exists in the connect functionality of ProtonVPN VPN client 1.5.1. A specially crafted configuration file can cause a privilege escalation, resulting in the ability to execute arbitrary commands with the system's privileges...

8.8CVSS8AI score0.04651EPSS
Exploits1References2
Talos Blog
Talos Blog
added 2018/09/07 5:44 a.m.116 views

Vulnerability Spotlight: CVE-2018-3952 / CVE-2018-4010 - Multi-provider VPN Client Privilege Escalation Vulnerabilities

Discovered by Paul Rascagneres. Overview Cisco Talos has discovered two similar vulnerabilities in the ProtonVPN and NordVPN VPN clients. The vulnerabilities allow attackers to execute code as an administrator on Microsoft Windows operating systems from a standard user. The vulnerabilities were...

10CVSS1.2AI score0.04651EPSS
Exploits2
Rows per page
Query Builder