Lucene search
K

82 matches found

OSV
OSV
added 2019/04/17 3:29 p.m.4 views

CVE-2018-4007

An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the deleteConfig functionality. The program is able to delete any protected file on the system. An attacker would need local access to the machine to successfully exploit the bug...

7.1CVSS5.8AI score0.00386EPSS
Exploits1References1
NVD
NVD
added 2019/04/17 3:29 p.m.28 views

CVE-2018-4004

An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the disconnectService functionality. A non-root user is able to kill any privileged process on the system. An attacker would need local access to the machine for a successful exploit...

7.1CVSS6.1AI score0.00376EPSS
Exploits1References1
Prion
Prion
added 2019/04/17 3:29 p.m.14 views

Privilege escalation

An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the disconnectService functionality. A non-root user is able to kill any privileged process on the system. An attacker would need local access to the machine for a successful exploit...

4.9CVSS5.5AI score0.00376EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/04/17 2:35 p.m.15 views

CVE-2018-4006

An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the writeConfig functionality. A non-root user is able to write a file anywhere on the system. A user with local access can use this vulnerability to raise their privileges to root. An attacker wou...

9.3CVSS7.7AI score0.0068EPSS
Exploits1References1
CVE
CVE
added 2019/04/17 2:35 p.m.49 views

CVE-2018-4006

CVE-2018-4006 concerns Shimo VPN 4.1.5.1: a privilege-escalation flaw in the helper tool’s writeConfig function. A non-root user with local access can write a file anywhere on the system and, through this, escalate privileges to root. The issue arises from the helper service running with elevated...

9.3CVSS7.6AI score0.0068EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2019/04/17 2:15 p.m.62 views

CVE-2018-4004

CVE-2018-4004 is a privilege-escalation vulnerability in the Shimo VPN helper service, specifically the disconnectService function, on macOS Shimo VPN 4.1.5.1. A non-root local user can terminate a privileged process by supplying a targeted PID, enabling privilege escalation. The issue arises fro...

7.1CVSS5.7AI score0.00376EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/04/17 2:15 p.m.24 views

CVE-2018-4004

An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the disconnectService functionality. A non-root user is able to kill any privileged process on the system. An attacker would need local access to the machine for a successful exploit...

7.1CVSS5.5AI score0.00376EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/04/17 2:15 p.m.33 views

CVE-2018-4005

An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the configureRoutingWithCommand function. A user with local access can use this vulnerability to raise their privileges to root. An attacker would need local access to the machine for a successful...

9.3CVSS7.7AI score0.0068EPSS
Exploits1References1
CVE
CVE
added 2019/04/17 2:15 p.m.62 views

CVE-2018-4005

The CVE-2018-4005 entry affects Shimo VPN 4.1.5.1, specifically the helper service’s configureRoutingWithCommand function. Cisco Talos documents a local-privilege-escalation flaw in the helper tool, enabling a non-privileged user with local access to escalate to root by abusing the function to ru...

9.3CVSS7.6AI score0.0068EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/04/17 2:15 p.m.25 views

CVE-2018-4007

An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the deleteConfig functionality. The program is able to delete any protected file on the system. An attacker would need local access to the machine to successfully exploit the bug...

9CVSS7AI score0.00386EPSS
Exploits1References1
CVE
CVE
added 2019/04/17 2:15 p.m.49 views

CVE-2018-4007

The CVE-2018-4007 entry is supported by multiple connected sources (notably TALOS-2018-0676) detailing a privilege escalation in Shimo VPN 4.1.5.1. The vulnerability resides in the helper service’s deleteConfig function, where a non-privileged caller can trigger deletion of any protected file bec...

9CVSS6.9AI score0.00386EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2019/04/17 12:0 a.m.6 views

PT-2019-10744 · Feingeist · Shimo Vpn

Name of the Vulnerable Software and Affected Versions: Shimo VPN version 4.1.5.1 Description: A privilege escalation issue exists in the helper service, specifically in the disconnectService functionality. This allows a non-root user to kill any privileged process on the system. An attacker needs...

7.1CVSS6AI score0.00376EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2019/04/17 12:0 a.m.5 views

PT-2019-10745 · Feingeist · Shimo Vpn

Name of the Vulnerable Software and Affected Versions: Shimo VPN version 4.1.5.1 Description: A privilege escalation issue exists in the helper service, specifically in the configureRoutingWithCommand function. This allows a user with local access to elevate their privileges to root. An attacker...

9.3CVSS8.4AI score0.0068EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2019/04/17 12:0 a.m.4 views

PT-2019-10746 · Shimo · Shimo Vpn

Name of the Vulnerable Software and Affected Versions: Shimo VPN version 4.1.5.1 Description: A privilege escalation issue exists in the Shimo VPN helper service, specifically in the writeConfig functionality. This allows a non-root user to write a file anywhere on the system, potentially enablin...

9.3CVSS8.5AI score0.0068EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2019/04/17 12:0 a.m.4 views

PT-2019-10747 · Feingeist Software Gmbh · Shimo Vpn

Name of the Vulnerable Software and Affected Versions: Shimo VPN version 4.1.5.1 Description: A privilege escalation issue exists in the helper service of Shimo VPN, specifically in the deleteConfig functionality, allowing the program to delete any protected file on the system. An attacker would...

9CVSS8AI score0.00386EPSS
Exploits1References3
CNVD
CNVD
added 2019/04/16 12:0 a.m.5 views

Shimo VPN Input Validation Error Vulnerability

Shimo VPN is a VPN Virtual Private Network software based on macOS platform. An input validation error vulnerability exists in the disconnectService function of the assistant service in Shimo VPN version 4.1.5.1. The vulnerability stems from a network system or product that does not properly...

7.1CVSS6.8AI score0.00376EPSS
Exploits1References1
CNVD
CNVD
added 2019/04/16 12:0 a.m.2 views

Shimo VPN elevation of privilege vulnerability (CNVD-2019-22623)

Shimo VPN is a VPN virtual private network software for macOS platforms An elevation of privilege vulnerability vulnerability exists in the 'configureRoutingWithCommand' function of the Assistant service in Shimo VPN version 4.1.5.1. The vulnerability stems from a network system or product that...

9.3CVSS7.1AI score0.0068EPSS
Exploits1References1
CNVD
CNVD
added 2019/04/16 12:0 a.m.4 views

Shimo VPN Denial of Service Vulnerability

Shimo VPN is a VPN Virtual Private Network software based on macOS platform. A denial of service vulnerability exists in the deleteConfig function of the Assistant service in Shimo VPN version 4.1.5.1. The vulnerability stems from a network system or product that does not properly validate incomi...

9CVSS6.7AI score0.00386EPSS
Exploits1References1
CNVD
CNVD
added 2019/04/16 12:0 a.m.5 views

Shimo VPN Elevation of Privilege Vulnerability

Shimo VPN is a VPN Virtual Private Network software based on macOS platform. An elevation of privilege vulnerability exists in the writeConfig function of the Assistant service in Shimo VPN version 4.1.5.1. The vulnerability stems from a network system or product that does not properly validate...

9.3CVSS7.4AI score0.0068EPSS
Exploits1References1
OSV
OSV
added 2019/04/15 8:29 p.m.3 views

CVE-2018-4008

An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the RunVpncScript command. The command takes a user-supplied script argument and executes it under root context. A user with local access can use this vulnerability to raise their privileges to roo...

7.8CVSS5.8AI score0.00422EPSS
Exploits1References1
Rows per page
Query Builder