Zachary Huff

3 exploits Active since Nov 2020
CVE-2020-25989 WRITEUP HIGH WRITEUP
Pritunl-client-electron < 1.2.2550.20 - Symlink Following
Privilege escalation via arbitrary file write in pritunl electron client 1.0.1116.6 through v1.2.2550.20. Successful exploitation of the issue may allow an attacker to execute code on the effected system with root privileges.
CVSS 7.8
CVE-2020-27519 WRITEUP HIGH WRITEUP
Pritunl Client v1.2.2550.20 - Privilege Escalation
Pritunl Client v1.2.2550.20 contains a local privilege escalation vulnerability in the pritunl-service component. The attack vector is: malicious openvpn config. A local attacker could leverage the log and log-append along with log injection to create or append to privileged script files and execute code as root/SYSTEM.
CVSS 7.8
CVE-2022-25372 WRITEUP HIGH WRITEUP
Pritunl-client-electron < 1.2.3019.52a - Improper Privilege Management
Pritunl Client through 1.2.3019.52 on Windows allows local privilege escalation, related to an ACL entry for CREATOR OWNER in platform_windows.go.
CVSS 7.8