Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
PureVPN client applications on Linux through September 2025 mishandle firewalling. They flush the system's existing iptables rules and apply default ACCEPT policies when connecting to a VPN server. This removes firewall rules that may have been configured manually or by other software (e.g., UFW, container engines, or system security policies). Upon VPN disconnect, the original firewall state is not restored. As a result, the system may become unintentionally exposed to network traffic that was previously blocked. This affects CLI 2.0.1 and GUI 2.10.0.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
在范围间的资源转移不正确
Vulnerability Title
PureVPN 安全漏洞
Vulnerability Description
PureVPN是PureVPN公司的一个 VPN 软件。 PureVPN CLI 2.0.1版本和GUI 2.10.0版本存在安全漏洞,该漏洞源于错误处理防火墙规则,可能导致系统意外暴露于网络流量。
CVSS Information
N/A
Vulnerability Type
N/A