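Vulnerability title
N/A
Vulnerability description
An issue was discovered in PureVPN on Windows. The client installation grants the Everyone group Full Control permission to the installation directory. In addition, the PureVPNService.exe service, running under NT Authority\SYSTEM privileges, tries to load several dynamic-link libraries using relative paths instead of absolute paths. When a fully qualified path is not used, the application first tries to load the library from the directory from which the application is started. Because the directory in which PureVPNService.exe resides is writable by all users, the application is susceptible to privilege escalation through DLL hijacking.
CVSS information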
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability category
N/A
Vulnerability title
N/A
Vulnerability description
An issue was discovered in PureVPN through 5.19.4.0 on Windows. The client installation grants the Everyone group Full Control permission to the installation directory. In addition, the PureVPNService.exe service, which runs under NT Authority\SYSTEM privileges, tries to load several dynamic-link libraries using relative paths instead of the absolute path. When not using a fully qualified path, the application will first try to load the library from the directory from which the application is started. As the residing directory of PureVPNService.exe is writable to all users, this makes the application susceptible to privilege escalation through DLL hijacking.
CVSS information
N/A
Vulnerability category
N/A
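Vulnerability title
PureVPN for Windows permissions and access control vulnerability
Vulnerability description
PureVPN for Windows is a VPN application for the Windows platform. A privilege escalation vulnerability exists in PureVPN 5.19.4.0 and earlier on Windows. An attacker can exploit this vulnerability by hijacking a DLL to obtain NT Authority\SYSTEM privileges.
CVSS information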
N/A
Vulnerability category
Authorization issue