The “ Pen Test Partners” researchers explain that despite CyberGhost’s developers implementing various protections, such as ensuring the named pipe isn’t accessible over the network and correctly configuring JsonSerializer to prevent arbitrary. The CyberGhost VPN client vulnerability (CVE-2023-30237) is an elevation of privilege issue that allowed attackers to inject malicious command lines using a crafted JSON payload.īy exploiting the RPC service, which was intended to only accept requests from the same process, attackers could bypass the process origin check, manipulate the communication protocol, and gain complete system control through OpenVPN’s plugin feature. Users of the popular VPN software are recommended to upgrade to client version 8.5 or later, released on February 24, 2023, to address the problem. The Windows client of CyberGhost VPN older than version 8.5 is vulnerable to a flaw that could allow attackers to perform command line injection and escalate their privileges on the impacted system.Īccording to a report by the security researcher who discovered the flaw, a specially crafted JSON payload sent to the CyberGhost RPC service during the launch of the OpenVPN process can lead to complete system compromise.
0 Comments
Leave a Reply. |