VYPR
Unrated severityNVD Advisory· Published Dec 4, 2025· Updated Dec 5, 2025

VeeVPN 1.6.1 - Unquoted Service Path Remote Code Execution

CVE-2025-66575

Description

VeeVPN 1.6.1 contains an unquoted service path vulnerability in the VeePNService that allows remote attackers to execute code during startup or reboot with escalated privileges. Attackers can exploit this by providing a malicious service name, allowing them to inject commands and run as LocalSystem.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.