Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
SaferVPN 4.2.5 for Windows suffers from a SYSTEM privilege escalation vulnerability in its "SaferVPN.Service" service. The "SaferVPN.Service" service executes "openvpn.exe" using OpenVPN config files located within the current user's %LOCALAPPDATA%\SaferVPN\OvpnConfig directory. An authenticated attacker may modify these configuration files to specify a dynamic library plugin that should run for every new VPN connection attempt. This plugin will execute code in the context of the SYSTEM user.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SaferVPN for Windows 安全漏洞
Vulnerability Description
SaferVPN for Windows是一款基于Windows平台的VPN软件。 基于Windows平台的SaferVPN 4.2.5版本中的SaferVPN.Service服务存在提权漏洞。攻击者可通过修改配置文件来指定用于运行新的VPN连接请求的动态库插件利用该漏洞以SYSTEM用户身份执行代码。
CVSS Information
N/A
Vulnerability Type
N/A