ExpressVPN

CPE Details

ExpressVPN
expressvpn
expressvpn
-
2019-05-07
16h30 +00:00
2019-05-07
16h30 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:expressvpn:expressvpn:-:*:*:*:*:*:*:*

Informations

Vendor

expressvpn

Product

expressvpn

Version

-

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2018-15490 2019-01-02 17h00 +00:00 An issue was discovered in ExpressVPN on Windows. The Xvpnd.exe process (which runs as a service with SYSTEM privileges) listens on TCP port 2015, which is used as an RPC interface for communication with the client side of the ExpressVPN application. A JSON-RPC protocol over HTTP is used for communication. The JSON-RPC XVPN.GetPreference and XVPN.SetPreference methods are vulnerable to path traversal, and allow reading and writing files on the file system on behalf of the service.
7.1
Haute