Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Lock WARP switch bypass on WARP mobile client using iOS quick action
Vulnerability Description
Lock Warp switch is a feature of Zero Trust platform which, when enabled, prevents users of enrolled devices from disabling WARP client. Due to insufficient policy verification by WARP iOS client, this feature could be bypassed by using the "Disable WARP" quick action.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:L
Vulnerability Type
授权机制缺失
Vulnerability Title
Cloudflare WARP 数据伪造问题漏洞
Vulnerability Description
Cloudflare WARP(Cloudflare Vpn)是美国Cloudflare公司的一个用于安全连接的客户端应用软件。 Cloudflare WARP Zero Trust platform存在安全漏洞,该漏洞源于WARP iOS客户端的策略验证不足,导致攻击者可以使用“禁用WARP”快捷操作绕过Lock Warp功能。
CVSS Information
N/A
Vulnerability Type
N/A