CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-4010

An exploitable code execution vulnerability exists in the connect functionality of ProtonVPN VPN client 1.5.1. A specially crafted configuration file can cause a privilege escalation, resulting in the ability to execute arbitrary commands with the system's privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 66.7%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 9.3

References

http://www.securityfocus.com/bid/105319
https://talosintelligence.com/vulnerability_reports/TALOS-2018-0679
http://www.securityfocus.com/bid/105319
https://talosintelligence.com/vulnerability_reports/TALOS-2018-0679

Products affected by CVE-2018-4010

Protonvpn » Protonvpn » Version: 1.5.1

cpe:2.3:a:protonvpn:protonvpn:1.5.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-4010

Products

Pricing

Contact Us