An Atlas VPN zero-day vulnerability affecting the Linux client leaks a user's real IP address simply by visiting a website.
Atlas VPN is a VPN product that offers a cost-effective solution based on WireGuard and supports all major operating systems.
In a proof of concept exploit shared on Reddit, a researcher describes how the Linux client of Atlas VPN, specifically the latest version, 1.0.3, has an API endpoint that listens on localhost (127.0.0.1) over port 8076.
This API offers a command-line interface (CLI) for performing various actions, such as disconnecting a VPN session using the http://127.0.0.1:8076/connection/stop URL.
However, this API does not perform any authentication, allowing anyone to issue commands to the CLI, even a website you are visiting.
Atlas VPN zero-day vulnerability leaks users' real IP address
www.bleepingcomputer.com
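The missing control described above, sketched as an added example (not Atlas VPN's code and not part of the quoted article): a loopback control API that refuses browser-originated and unauthenticated requests before acting on `/connection/stop`. The token scheme, the header checks and the names `authorize`, `ControlHandler`, `API_TOKEN` and `ALLOWED_HOSTS` are assumptions made for illustration.

```python
import hmac
import secrets
from http.server import BaseHTTPRequestHandler, HTTPServer

# Assumption: the daemon creates this token at start and stores it in a file
# only the local user can read; the CLI reads it, a web page cannot.
API_TOKEN = secrets.token_hex(32)
ALLOWED_HOSTS = {"127.0.0.1:8076", "localhost:8076"}


def authorize(method, headers, token=None):
    """Return (status, reason) for a request to the local control API."""
    token = API_TOKEN if token is None else token
    # Modern browsers attach Origin to cross-site POSTs; the local CLI does not.
    if headers.get("Origin") is not None:
        return 403, "browser-originated request"
    # A Host that is not the loopback name suggests DNS rebinding.
    if headers.get("Host", "") not in ALLOWED_HOSTS:
        return 403, "unexpected Host header"
    # State-changing actions must not be reachable through a plain GET.
    if method != "POST":
        return 405, "POST required"
    supplied = headers.get("Authorization", "")
    # Constant-time comparison of the bearer token.
    if not hmac.compare_digest(supplied.encode(), ("Bearer " + token).encode()):
        return 401, "missing or wrong token"
    return 200, "ok"


class ControlHandler(BaseHTTPRequestHandler):
    def _handle(self):
        status, reason = authorize(self.command, self.headers)
        if status == 200 and self.path != "/connection/stop":
            status, reason = 404, "unknown action"
        self.send_response(status)
        self.end_headers()
        self.wfile.write(reason.encode())  # a real daemon acts only on 200

    do_GET = do_POST = _handle


if __name__ == "__main__":
    # Bind to loopback only; binding alone is not authentication.
    HTTPServer(("127.0.0.1", 8076), ControlHandler).serve_forever()
```

The token check is the actual control; the Origin, Host and method checks only reduce what a visited page can reach in the first place.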