it.itopvpn.com Cross Site Scripting vulnerability OBB-3886950

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2022-24141

The iTopVPNmini.exe component of iTop VPN 3.2 will try to connect to datastateiTopVPNPipeServer on a loop. An attacker that opened a named pipe with the same name can use it to gain the token of another user by listening for connections and abusing ImpersonateNamedPipeClient...

CVE-2022-24141

The iTopVPNmini.exe component of iTop VPN 3.2 will try to connect to datastateiTopVPNPipeServer on a loop. An attacker that opened a named pipe with the same name can use it to gain the token of another user by listening for connections and abusing ImpersonateNamedPipeClient...

CVE-2022-24141

The iTopVPNmini.exe component of iTop VPN 3.2 will try to connect to datastateiTopVPNPipeServer on a loop. An attacker that opened a named pipe with the same name can use it to gain the token of another user by listening for connections and abusing ImpersonateNamedPipeClient...

CVE-2022-24141

The CVE-2022-24141 vulnerability affects iTop VPN 3.2, specifically the iTopVPNmini.exe component. It can loop connection attempts to the named pipe datastate_iTopVPN_Pipe_Server, allowing an attacker who opens a pipe with the same name to listen for connections and abuse ImpersonateNamedPipeClie...