14 matches found
CVE-2024-25728
ExpressVPN before 12.73.0 on Windows, when split tunneling is used, sends DNS requests according to the Windows configuration e.g., sends them to DNS servers operated by the user's ISP instead of to the ExpressVPN DNS servers, which may allow remote attackers to obtain sensitive information about...
ExpressVPN Bug Leaked DNS Requests for Windows Users
By Waqas Patch Your VPN! ExpressVPN Bug Leaks DNS Requests for Windows Users with Split Tunneling! This is a post from HackRead.com Read the original post: ExpressVPN Bug Leaked DNS Requests for Windows Users...
CVE-2024-25728
ExpressVPN before 12.73.0 on Windows, when split tunneling is used, sends DNS requests according to the Windows configuration e.g., sends them to DNS servers operated by the user's ISP instead of to the ExpressVPN DNS servers, which may allow remote attackers to obtain sensitive information about...
CVE-2024-25728
ExpressVPN before 12.73.0 on Windows, when split tunneling is used, sends DNS requests according to the Windows configuration e.g., sends them to DNS servers operated by the user's ISP instead of to the ExpressVPN DNS servers, which may allow remote attackers to obtain sensitive information about...
Code injection
ExpressVPN before 12.73.0 on Windows, when split tunneling is used, sends DNS requests according to the Windows configuration e.g., sends them to DNS servers operated by the user's ISP instead of to the ExpressVPN DNS servers, which may allow remote attackers to obtain sensitive information about...
CVE-2024-25728
ExpressVPN before 12.73.0 on Windows, when split tunneling is used, sends DNS requests according to the Windows configuration e.g., sends them to DNS servers operated by the user's ISP instead of to the ExpressVPN DNS servers, which may allow remote attackers to obtain sensitive information about...
PT-2024-2361 · Expressvpn · Expressvpn
Name of the Vulnerable Software and Affected Versions: ExpressVPN versions prior to 12.73.0 on Windows Description: The issue is related to the split tunneling feature in ExpressVPN, which sends DNS requests according to the Windows configuration instead of using the ExpressVPN DNS servers. This...
CVE-2024-25728
ExpressVPN before 12.73.0 on Windows, when split tunneling is used, sends DNS requests according to the Windows configuration e.g., sends them to DNS servers operated by the user's ISP instead of to the ExpressVPN DNS servers, which may allow remote attackers to obtain sensitive information about...
CVE-2024-25728
ExpressVPN has a DNS leakage issue on Windows for versions prior to 12.73.0 when split tunneling is enabled. The VPN forwards DNS requests according to Windows’ configuration (e.g., to ISP DNS servers) rather than to ExpressVPN’s DNS servers, which may allow remote attackers to infer websites vis...
CVE-2020-15590
A vulnerability in the Private Internet Access PIA VPN Client for Linux 1.5 through 2.3+ allows remote attackers to bypass an intended VPN kill switch mechanism and read sensitive information via intercepting network traffic. Since 1.5, PIA has supported a “split tunnel” OpenVPN bypass option. Th...
Threat Source newsletter for May 7, 2020
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. With all of us working from home, Beers with Talos episodes are coming out faster than ever. This week, we have an actual episode with...
Alternative ways for security professionals and IT to achieve modern security controls in today’s unique remote work scenarios
With the bulk of end users now working remotely, legacy network architectures that route all remote traffic through a central corporate network are suddenly under enormous strain. The result can be poorer performance, productivity, and user experience. Many organizations are now rethinking their...
SSL VPN Split Tunnel Issue Through NetScaler
Split tunneling does not allow to access internal websites. When WorxWeb is launched "The VPN service has failed to connect" error message is displayed. With split tunneling disabled customer is able to view website fine traffic is routed to internal network. When trying to hit external network...
VPN Tunnel Detection via HTTP CONNECT
Binary data 3177.prm...