6 matches found
CVE-2018-4008
An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the RunVpncScript command. The command takes a user-supplied script argument and executes it under root context. A user with local access can use this vulnerability to raise their privileges to roo...
CVE-2018-4008
An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the RunVpncScript command. The command takes a user-supplied script argument and executes it under root context. A user with local access can use this vulnerability to raise their privileges to roo...
Privilege escalation
An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the RunVpncScript command. The command takes a user-supplied script argument and executes it under root context. A user with local access can use this vulnerability to raise their privileges to roo...
CVE-2018-4008
CVE-2018-4008 affects Shimo VPN 4.1.5.1: the helper service’s RunVpncScript command executes a user-supplied script argument as root, enabling local privilege escalation. The exploits require local access; no remote access needed, and the script is executed with root privileges without input vali...
Shimo VPN helper tool RunVpncScript privilege escalation vulnerability
Summary An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the RunVpncScript command. The command takes a user-supplied script argument and executes it under root context. A user with local access can use this vulnerability to raise their privilege...
PT-2019-10748 · Feingeist · Shimo Vpn
Name of the Vulnerable Software and Affected Versions: Shimo VPN version 4.1.5.1 Description: A privilege escalation issue exists in the Shimo VPN helper service, specifically in the RunVpncScript command. This command executes a user-supplied script argument under root context, allowing a user...