Atlas VPN zero-day vulnerability leaks users' real IP address

[correlate]

Level 18
Thread author
Top Poster
Well-known
May 4, 2019
800
An Atlas VPN zero-day vulnerability affecting the Linux client leaks a user's real IP address simply by visiting a website.
Atlas VPN is a VPN product that offers a cost-effective solution based on WireGuard and supports all major operating systems.
In a proof of concept exploit shared on Reddit, a researcher describes how the Linux client of Atlas VPN, specifically the latest version, 1.0.3, has an API endpoint that listens on localhost (127.0.0.1) over port 8076.
This API offers a command-line interface (CLI) for performing various actions, such as disconnecting a VPN session using the http://127.0.0.1:8076/connection/stop URL.
However, this API does not perform any authentication, allowing anyone to issue commands to the CLI, even a website you are visiting.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top