Current Description. Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client through 1.37 for macOS. An attacker can communicate with an unprotected XPC service and directly execute arbitrary OS commands as root or load a potentially malicious kernel extension because com.smr.liquidvpn.OVPNHelper uses the system function to execute the "tun_path" …
Apr 12, 2019 LiquidVPN Client up to 1.37 on macos XPC Service command A vulnerability classified as critical was found in LiquidVPN Client up to 1.37 on macos. This vulnerability affects an unknown function of the component XPC Service.The manipulation of the argument command_line as part of a Parameter leads to a privilege escalation vulnerability (OS Command Injection). The CWE definition for the vulnerability is CWE-78. Liquidvpn Client There’s little Liquidvpn Client contest between ExpressVPN, one of the top 3 services of its kind currently on the market, and HideMyAss, a VPN that might be decent for light applications, but is certainly not secure enough for more sensitive data. Sure, the LiquidVPN Review and 51% Lifetime Discount
Features of LiquidVPN Windows VPN Client. Customizable Windows VPN client is an added feature that we have noticed in our LiquidVPN review. We can simply launch the VPN client that resides in the notification bar. It displays us the list of servers of, and we can choose the server of our choice.
Apr 02, 2017
A vulnerability, which was classified as critical, has been found in LiquidVPN Client up to 1.37.This issue affects an unknown functionality of the component XPC Service.The manipulation of the argument tun_path/tap_path with an unknown input leads to a privilege escalation vulnerability (OS Command Injection). Using CWE to declare the problem leads to CWE-78.
Current Description . Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client through 1.37 for macOS. An attacker can communicate with an unprotected XPC service and directly execute arbitrary OS commands as root or load a potentially malicious kernel extension because com.smr.liquidvpn.OVPNHelper uses the value of the "tun_path" or "tap_path" … LiquidVPN in Hot Waters: Servers DDoSed, Logging Enabled LiquidVPN in Hot Waters: Servers DDoSed, Logging Enabled & a Partial VPN Blackout Got an Email from Liquid VPN. > 1 corrupted auth server, 1 data center DDOSed, 1 user attacking Bank of America and 50+ abuse reports this week and its only Tuesday.