Code injection

Golden Frog VyprVPN before 2018-06-21 has a vulnerability associated with the installation process on Windows...

CVE-2018-13133

Golden Frog VyprVPN before 2018-06-21 has a vulnerability associated with the installation process on Windows...

CVE-2018-13133

Connected documents indicate CVE-2018-13133 concerns Golden Frog VyprVPN prior to 2018-06-21 and a Windows installer vulnerability. The PRION record lists the issue as “Code injection” with no further technical specifics, and other sources reiterate the vulnerable timeframe without detailing root...

CVE-2018-13133

Golden Frog VyprVPN before 2018-06-21 has a vulnerability associated with the installation process on Windows...

CVE-2018-10645

CVE-2018-10645 affects Golden Frog VyprVPN 2.12.1.8015 for Windows. The VyprVPN service exposes a NetNamedPipe endpoint; its SetProperty method allows configuring AdditionalOpenVpnParameters and OpenVPN command line, enabling a dynamic library plugin via the OpenVPN plugin parameter to run code u...

CVE-2017-17809

In Golden Frog VyprVPN before 2.15.0.5828 for macOS, the vyprvpnservice launch daemon has an unprotected XPC service that allows attackers to update the underlying OpenVPN configuration and the arguments passed to the OpenVPN binary when executed. An attacker can abuse this vulnerability by forci...

Code injection

In Golden Frog VyprVPN before 2.15.0.5828 for macOS, the vyprvpnservice launch daemon has an unprotected XPC service that allows attackers to update the underlying OpenVPN configuration and the arguments passed to the OpenVPN binary when executed. An attacker can abuse this vulnerability by forci...

CVE-2017-17809

The CVE-2017-17809 entry affects Golden Frog VyprVPN for macOS prior to 2.15.0.5828. The vyprvpnservice launch daemon exposes an unprotected XPC service that lets attackers update the underlying OpenVPN configuration and the arguments passed to the OpenVPN binary. An attacker could abuse this to ...