Weak Permissions in Hola VPN 1.34 Allows Privilege Escalation via Trojan Horse Files
CVE-2017-16757 · MEDIUM Severity
AV:L/AC:L/AU:N/C:P/I:P/A:P
Hola VPN 1.34 has weak permissions (Everyone:F) under %PROGRAMFILES%, which allows local users to gain privileges via a Trojan horse 7za.exe or hola.exe file.
Learn more about our User Device Pen Test.