Privilege Escalation via Specially Crafted Configuration File in ProtonVPN VPN Client 1.5.1
CVE-2018-4010 · HIGH Severity
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
An exploitable code execution vulnerability exists in the connect functionality of ProtonVPN VPN client 1.5.1. A specially crafted configuration file can cause a privilege escalation, resulting in the ability to execute arbitrary commands with the system's privileges.
Learn more about our Web Application Penetration Testing UK.