Vulnerabilities (CVE)

Filtered by vendor Cactusvpn Subscribe
Filtered by product Cactusvpn
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-7493 2 Apple, Cactusvpn 2 Macos, Cactusvpn 2024-11-21 10.0 HIGH 9.8 CRITICAL
CactusVPN through 6.0 for macOS suffers from a root privilege escalation vulnerability in its privileged helper tool. The privileged helper tool implements an XPC interface, which allows arbitrary applications to execute system commands as root.
CVE-2018-7281 1 Cactusvpn 1 Cactusvpn 2024-11-21 9.0 HIGH 8.8 HIGH
CactusVPN 5.3.6 for macOS contains a root privilege escalation vulnerability through a setuid root binary called runme. The binary takes a single command line argument and passes this argument to a system() call, thus allowing low privileged users to execute commands as root.