Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
An issue was discovered in AnchorFree VPN SDK before 1.3.3.218. The VPN SDK service takes certain executable locations over a socket bound to localhost. Binding to the socket and providing a path where a malicious executable file resides leads to executing the malicious executable file with SYSTEM privileges.
- https://www.pango.co/sec31944/
- https://github.com/0xT11/CVE-POC
- https://github.com/0xsha/ZombieVPN
- https://github.com/ARPSyndicate/cvemon
- https://github.com/alphaSeclab/sec-daily-2020
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/iamthefrogy/BountyHound
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/soosmile/POC