Lucene search
K

4 matches found

ThreatPost
ThreatPost
added 2018/02/07 1:0 p.m.18 views

Hotspot Shield Vulnerability Could Reveal ‘Juicy’ Info About Users, Researcher Claims

UPDATE A vulnerability in the popular HotSpot Shield VPN client, which is promoted as being able to hide users’ identities, could expose their IP addresses and “other juicy info,” according to a security researcher. Paulos Yibelo, a researcher who has collected on a number of bug bounties in the...

5CVSS7.5AI score0.11184EPSS
Exploits3References8
CVE
CVE
added 2018/01/31 5:0 p.m.67 views

CVE-2018-6460

Summary: CVE-2018-6460 affects Hotspot Shield, where a local web server (127.0.0.1:895) serves JSONP endpoints. The root cause is insufficient input filtering on the /status.js endpoint, allowing an unauthenticated POST with func=$_APPLOG.Rfunc to disclose sensitive machine data, including VPN st...

7.5CVSS7.4AI score0.11184EPSS
Exploits3References2Affected Software1
exploitpack
exploitpack
added 2018/01/30 12:0 a.m.33 views

Hotspot Shield - Information Disclosure

Hotspot Shield - Information Disclosure Vulnerability Summary The following advisory describes a information disclosure found in Hotspot Shield. Hotspot Shield “provides secure and private access to a free and open internet. Enabling access to social networks, sports, audio and video streaming,...

5CVSS7.5AI score0.11184EPSS
Exploits3
Exploit DB
Exploit DB
added 2018/01/30 12:0 a.m.58 views

Hotspot Shield - Information Disclosure

Vulnerability Summary The following advisory describes a information disclosure found in Hotspot Shield. Hotspot Shield “provides secure and private access to a free and open internet. Enabling access to social networks, sports, audio and video streaming, news, dating, gaming wherever you are.”...

7.5CVSS7.6AI score0.11184EPSS
Exploits3
Rows per page
Query Builder