Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client through 1.37 for macOS. An attacker can communicate with an unprotected XPC service and directly execute arbitrary OS commands as root or load a potentially malicious kernel extension because com.smr.liquidvpn.OVPNHelper uses the system function to execute the "openvpncmd" parameter as a shell command.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
LiquidVPN For macOS 权限许可和访问控制问题漏洞
Vulnerability Description
LiquidVPN For MacOS是一款基于MacOS平台的用于匿名访问互联网的VPN软件。 LiquidVPN For MacOS 1.37及之前的版本中的‘anycmd’参数存在提权漏洞。攻击者可利用该漏洞以root权限执行操作系统命令或加载恶意的内核扩展。
CVSS Information
N/A
Vulnerability Type
N/A