20 matches found
CVE-2026-6643
A stack-based buffer overflow vulnerability was found in the VPN Clients on the ADM. The issue stems from the use of unbounded sscanf and passing user-controlled data directly to printf. Due to the lack of PIE and Stack Canary protections, an authenticated remote attacker can exploit these to...
EUVD-2026-23784
A command injection vulnerability was found in the PPTP VPN Clients on the ADM. The vulnerability allows an administrative user to break out of the restricted web environment and execute arbitrary code on the underlying operating system. This occurs due to insufficient validation of user-supplied...
CVE-2026-6643
A stack-based buffer overflow vulnerability was found in the VPN Clients on the ADM. The issue stems from the use of unbounded sscanf and passing user-controlled data directly to printf. Due to the lack of PIE and Stack Canary protections, an authenticated remote attacker can exploit these to...
CVE-2026-6644 A command injection vulnerability was found in the PPTP VPN Clients on the ADM
A command injection vulnerability was found in the PPTP VPN Clients on the ADM. The vulnerability allows an administrative user to break out of the restricted web environment and execute arbitrary code on the underlying operating system. This occurs due to insufficient validation of user-supplied...
CVE-2026-6644
The CVE-2026-6644 entry describes a command-injection vulnerability in ADM PPTP VPN Clients that allows an administrative user to escape the restricted web environment and execute arbitrary OS commands, enabling Remote Code Execution and full system compromise. Affected are ADM versions 4.1.0–4.3...
CVE-2026-6643 A stack-based buffer overflow vulnerability in the VPN Clients on the ADM
A stack-based buffer overflow vulnerability was found in the VPN Clients on the ADM. The issue stems from the use of unbounded sscanf and passing user-controlled data directly to printf. Due to the lack of PIE and Stack Canary protections, an authenticated remote attacker can exploit these to...
CVE-2026-6643
A stack-based buffer overflow vulnerability was found in the VPN Clients on the ADM. The issue stems from the use of unbounded sscanf and passing user-controlled data directly to printf. Due to the lack of PIE and Stack Canary protections, an authenticated remote attacker can exploit these to...
Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials
Microsoft has disclosed details of a credential theft campaign that employs fake virtual private network (VPN) clients distributed through search engine optimization (SEO) poisoning techniques. "The campaign redirects users searching for legitimate enterprise software to malicious ZIP files on...
Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft
In mid-January 2026, Microsoft Defender Experts identified a credential theft campaign tha...
F5 Networks BIG-IP : BIG-IP Edge Client for Windows vulnerability (K000158931)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / None. It is, therefore, affected by a vulnerability as referenced in the K000158931 advisory. A vulnerability exists in BIG-IP Edge Client and browser VPN clients on Windows that may allow attackers to gain acce...
CVE-2026-20730
A vulnerability exists in BIG-IP Edge Client and browser VPN clients on Windows that may allow attackers to gain access to sensitive information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
CVE-2026-20730 BIG-IP Edge Client for Windows vulnerability
A vulnerability exists in BIG-IP Edge Client and browser VPN clients on Windows that may allow attackers to gain access to sensitive information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
New PXA Stealer targets government and education sectors for sensitive information
Cisco Talos discovered a new information stealing campaign operated by a Vietnamese-speaking threat actor targeting government and education entities in Europe and Asia. We discovered a new Python program called PXA Stealer that targets victims' sensitive information, including credentials for...
CVE-2024-45750
An issue in TheGreenBow Windows Standard VPN Client 6.87.108 and older, Windows Enterprise VPN Client 6.87.109 and older, Windows Enterprise VPN Client 7.5.007 and older, Android VPN Client 6.4.5 and older, VPN Client Linux 3.4 and older, VPN Client MacOS 2.4.10 and older allows a remote attacker ...
CVE-2024-20359
CVE-2024-20359 affects Cisco ASA and Cisco FTD. A legacy capability flaw allows an authenticated local attacker to exploit improper validation of a file read from flash memory by copying a crafted file to disk0:, enabling arbitrary code execution with root privileges after the next device reload....
New MrAnon Stealer Malware Targeting German Users via Booking-Themed Scam
A phishing campaign has been observed delivering an information stealer malware called MrAnon Stealer to unsuspecting victims via seemingly benign booking-themed PDF lures. "This malware is a Python-based information stealer compressed with cx-Freeze to evade detection," Fortinet FortiGuard Labs...
4 best practices to implement a comprehensive Zero Trust security approach
Today’s threat actors don’t see barriers, they see opportunities. As the old firewalls protecting the corporate network become obsolete amid the rush to adopt a hybrid workspace, implementing Zero Trust security has become an imperative across all sectors, both public and private. During this tim...
Agent Tesla Spyware Adds Fresh Tricks to Its Arsenal
Since COVID-19 cast its pall in March, the Agent Tesla remote-access trojan (RAT) has exploited the pandemic and added a raft of functionality that has helped it dominate the enterprise threat scene. Though Agent Tesla first made a splash six years ago, it hasn’t lost any momentum – in fact, it is...
Dell SonicWALL Network Security Appliance NSA 6600 XSS Vulnerability
Dell SonicWALL Network Security Appliance NSA 6600 suffers from a reflective cross site scripting vulnerability. Versions affected include NSA 6600 running SonicOS Enhanced 6.2.4.3-31n, WXA 4000 running 1.3.2.0-07, and SafeMode 6.1.0.11. Dell SonicWALL Network Security Appliance NSA 6600...
Multiple vulnerabilities in vendor IKE implementations, including Cisco, Nortel, and Microsoft
Reply-To: [email protected] INTRODUCTION This message will describe two serious vulnerabilities in the default configurations of IKE implementations. They are particularly common in so called "VPN client" implementations. Both allow easy session stealing and man-in-the-middle...