Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:45 a.m.16 views

CVE-2024-25728

ExpressVPN before 12.73.0 on Windows, when split tunneling is used, sends DNS requests according to the Windows configuration e.g., sends them to DNS servers operated by the user's ISP instead of to the ExpressVPN DNS servers, which may allow remote attackers to obtain sensitive information about...

7.5CVSS6.5AI score0.00669EPSS
Exploits0References1
NVD
NVD
added 2024/02/11 10:15 p.m.21 views

CVE-2024-25728

ExpressVPN before 12.73.0 on Windows, when split tunneling is used, sends DNS requests according to the Windows configuration e.g., sends them to DNS servers operated by the user's ISP instead of to the ExpressVPN DNS servers, which may allow remote attackers to obtain sensitive information about...

7.5CVSS6.2AI score0.00669EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/02/11 12:0 a.m.31 views

CVE-2024-25728

ExpressVPN before 12.73.0 on Windows, when split tunneling is used, sends DNS requests according to the Windows configuration e.g., sends them to DNS servers operated by the user's ISP instead of to the ExpressVPN DNS servers, which may allow remote attackers to obtain sensitive information about...

6.4AI score0.00669EPSS
Exploits0References2
CVE
CVE
added 2024/02/11 12:0 a.m.227 views

CVE-2024-25728

ExpressVPN has a DNS leakage issue on Windows for versions prior to 12.73.0 when split tunneling is enabled. The VPN forwards DNS requests according to Windows’ configuration (e.g., to ISP DNS servers) rather than to ExpressVPN’s DNS servers, which may allow remote attackers to infer websites vis...

7.5CVSS6.3AI score0.00669EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder