Pritunl Client
by Pritunl
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-43917 | Hig | 0.53 | 8.2 | 0.00 | Apr 19, 2025 | In Pritunl Client before 1.3.4220.57, an administrator with access to /Applications can escalate privileges after uninstalling the product. Specifically, an administrator can insert a new file at the pathname of the removed pritunl-service file. This file then is executed by a… | ||
| CVE-2016-7064 | Hig | 0.42 | 7.5 | 0.01 | Jul 21, 2020 | A flaw was found in pritunl-client before version 1.0.1116.6. A lack of signature verification leads to sensitive information leakage | ||
| CVE-2022-25372 | Hig | 0.00 | 7.8 | 0.01 | Feb 20, 2022 | Pritunl Client through 1.2.3019.52 on Windows allows local privilege escalation, related to an ACL entry for CREATOR OWNER in platform_windows.go. | ||
| CVE-2020-27519 | Hig | 0.00 | 7.8 | 0.00 | Apr 30, 2021 | Pritunl Client v1.2.2550.20 contains a local privilege escalation vulnerability in the pritunl-service component. The attack vector is: malicious openvpn config. A local attacker could leverage the log and log-append along with log injection to create or append to privileged… | ||
| CVE-2020-25989 | Hig | 0.00 | 7.8 | 0.01 | Nov 19, 2020 | Privilege escalation via arbitrary file write in pritunl electron client 1.0.1116.6 through v1.2.2550.20. Successful exploitation of the issue may allow an attacker to execute code on the effected system with root privileges. |
- risk 0.53cvss 8.2epss 0.00
In Pritunl Client before 1.3.4220.57, an administrator with access to /Applications can escalate privileges after uninstalling the product. Specifically, an administrator can insert a new file at the pathname of the removed pritunl-service file. This file then is executed by a…
- risk 0.42cvss 7.5epss 0.01
A flaw was found in pritunl-client before version 1.0.1116.6. A lack of signature verification leads to sensitive information leakage
- risk 0.00cvss 7.8epss 0.01
Pritunl Client through 1.2.3019.52 on Windows allows local privilege escalation, related to an ACL entry for CREATOR OWNER in platform_windows.go.
- risk 0.00cvss 7.8epss 0.00
Pritunl Client v1.2.2550.20 contains a local privilege escalation vulnerability in the pritunl-service component. The attack vector is: malicious openvpn config. A local attacker could leverage the log and log-append along with log injection to create or append to privileged…
- risk 0.00cvss 7.8epss 0.01
Privilege escalation via arbitrary file write in pritunl electron client 1.0.1116.6 through v1.2.2550.20. Successful exploitation of the issue may allow an attacker to execute code on the effected system with root privileges.