fbpx
Home /
CSRFopenVPNVPNVulnerability

OpenVPN Desktop client affected by a critical CSRF flaw

By Ehacking Staff

http://www.ehacking.net/2014/07/openvpn-desktop-client-affected-by.htmlResearchers at
SEC Consult have discovered a CSRF vulnerability in the OpenVPN Desktop
Client that can allow remote code execution.


Security researchers at SEC Consult have discovered a CSRF flaw in the OpenVPN Desktop client and promptly reported it to the company in May. OpenVPN Desktop
Client for its Access Server is an SSL VPN for a variety of platforms.
The vulnerability only affects Windows versions of the application.

 

In response to the discovery, OpenVPN issued a security advisory to warn its customers of the presence of a Cross-Site Request Forgery (CSRF) vulnerability in its Desktop Client which could allow an attacker to execute arbitrary code remotely. 

“All Access Server
customers using the ‘Desktop Client’ app for Windows should upgrade
immediately to the OpenVPN Connect client.  The ‘Desktop Client’ is
obsolete and is no longer maintained or available for download. This
client contains a CSRF (Cross Site Request Forgery) vulnerability that
can allow remote code execution by a malicious web site,” 
“It is also bundled with an older
version of OpenSSL that has not received recent OpenSSL security
updates.  This advisory only applies to the OpenVPN Access Server
‘Desktop Client’ app for Windows, and does not affect OpenVPN Connect,
Private Tunnel, or community builds of OpenVPN for Windows.” OpenVPN
reported in the advisory.

Experts at SEC
Consult have verified that vulnerabilities affect OpenVPN Access Server
“Desktop Client” version 1.5.6, which was the most recent version at the
time of discovery. Also, any other versions of the product are affected
by the flaw.

OpenVPN is requesting its customers to update the Desktop Client to avoid attacks which exploit the CSRF flaw.
“Remote
attackers can execute arbitrary code and execute other attacks on
computers with the OpenVPN Access Server “Desktop Client” installed.
Affected users should upgrade immediately to the OpenVPN Connect
client.” the SEC Consult advisory states.

The attacker has to trick the user, running a vulnerable version of OpenVPN,  in to visit a malicious site.
“The
OpenVPN Access Server ‘Desktop Client’ consists of two parts, a Windows
service that offers an XML-RPC API via a webserver on localhost and a GUI component that connects to this API,” 
“The XML-RPC API is vulnerable to Cross-Site Request Forgery (CSRF). Using the API commands an attacker can: unmask a victim (e.g. by
disconnecting an established VPN connection), perform MITM attacks (by
connecting the victim to an ‘evil’ VPN server), execute arbitrary code
with SYSTEM privileges (by adding a VPN profile that executes code).”

SEC Consult has provided a video proof of concept for the OpenVPN Access Server ‘Desktop Client’ vulnerability.

Previous articleAny Keylogger for MAC
Next articleFakeNet Malware Analysis
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

RELATED ARTICLES

VPN

How Linux VPN Use Can Make You Secure

Ehacking Staff - 0
Virtual Private Networks (VPNs) initially enable off-site employees to access business networks remotely yet privately via an insecure Internet connection (public network). And that's...
Read more
VPN

The Lies of VPN Service Providers

Irfan Shakeel - 0
Privacy, anonymity, and security is the main concern for an online user. Many VPN service providers claim that their service helps the user protect...
Read more
VPN

Best VPNs for Android – and Why You Need One Now

Ehacking Staff - 0
Most people protect their laptops and computers from potential cyber-attacks but only consider the cybersecurity of their mobile devices when it’s too late. In recent...
Read more

Most Popular

What Makes ICS/OT Infrastructure Vulnerable?

Academy Ehacking Staff - 0
Infrastructure security for operational technologies (OT) and industrial control systems (ICS) varies from IT security in several ways, with the inverse confidentiality, integrity, and...
Read more

Everything You Must Know About IT/OT Convergence

Academy Ehacking Staff - 0
What is an Operational Technology (OT)? Operational technology (OT) is a technology that primarily monitors and controls physical operations. It can automate and control machines,...
Read more

Understand the OT Security and Its Importance

Cyber Security Ehacking Staff - 0
This article discusses OT security and why it is essential for protecting industrial systems from cyberattacks. We will also discuss common control objectives that can...
Read more

What is Deepfake, and how does it Affect Cybersecurity?

Cyber Security Irfan Shakeel - 0
Producing deepfake is easy. It is hard to detect. They operate with a description of reality rather than reality itself (e.g., a video). Any...
Read more
Load more

ABOUT US

Secure technology infrastructure through quality education Create future Information & Cyber security professionals Education for everyone, everywhere

POPULAR POSTS

What Makes ICS/OT Infrastructure Vulnerable?

Academy Ehacking Staff - 0
Infrastructure security for operational technologies (OT) and industrial control systems (ICS) varies from IT security in several ways, with the inverse confidentiality, integrity, and...
Read more

Everything You Must Know About IT/OT Convergence

Academy Ehacking Staff - 0
What is an Operational Technology (OT)? Operational technology (OT) is a technology that primarily monitors and controls physical operations. It can automate and control machines,...
Read more

Understand the OT Security and Its Importance

Cyber Security Ehacking Staff - 0
This article discusses OT security and why it is essential for protecting industrial systems from cyberattacks. We will also discuss common control objectives that can...
Read more

FOLLOW US

All Rights Reserved by The World of IT & Cyber Security: ehacking.net © 2021