FortiClient VulnerabilitySecurity Vulnerabilities fixed in Pritunl Client ADVISORY: 2021-04-30
Description
Pritunl Client 1.0.1116.6 through v1.2.2550.20 contains a local privilege escalation vulnerability in the pritunl-service component. The attack vector is: malicious openvpn config. A local attacker could leverage the log and log-append along with log injection to create or append to privileged script files and execute code as root/SYSTEM.
Affected Applications
Pritunl Client
Other References
https://vkas-afk.github.io/vuln-disclosures/| ID | 2371 |
| Created | Sep 09, 2021 |
| Description Updated |
Nov 08, 2023 |
| Risk |
|
| Coverage | FortiClient |
| OS | Windows |
| Vendor | Pritunl |
| Patch | manual |
| Application | Pritunl Client |