Unrated severityNVD Advisory· Published Dec 4, 2025· Updated Dec 5, 2025
VeeVPN 1.6.1 - Unquoted Service Path Remote Code Execution
CVE-2025-66575
Description
VeeVPN 1.6.1 contains an unquoted service path vulnerability in the VeePNService that allows remote attackers to execute code during startup or reboot with escalated privileges. Attackers can exploit this by providing a malicious service name, allowing them to inject commands and run as LocalSystem.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: = 1.6.1
- VeePN/VeeVPNv5Range: 1.6.1
Patches
Vulnerability mechanics
References
3- www.exploit-db.com/exploits/52088mitreexploit
- www.vulncheck.com/advisories/veevpn-161-unquoted-service-path-remote-code-executionmitrethird-party-advisory
- veepn.commitreproduct
News mentions
0No linked articles in our index yet.