AmberWolf Research
  • Home
  • Blog
  • Disclosure Policy
  • Main Site
to navigate to select ESC to close
  • Richard Warren Richard Warren
  • David Cash David Cash
  • 31 Jul, 2024
    • Cato
    • VPN
    • Vulnerability
    • Disclosure

Cato Client - Local Privilege Escalation via OpenSSL Configuration File (CVE-2024-6975)

The OpenSSL implementation in the winvpnclient.cli.exe service executable is configured to load an openssl.cnf file from a location that does not …

Read Article
  • Richard Warren Richard Warren
  • David Cash David Cash
  • 31 Jul, 2024
    • Cato
    • VPN
    • Vulnerability
    • Disclosure

Cato Client - Local Privilege Escalation via Self-Upgrade (CVE-2024-6974)

The Cato Client was found to use an insecure temporary folder for downloading and processing updates.

Read Article
  • Richard Warren Richard Warren
  • David Cash David Cash
  • 31 Jul, 2024
    • Cato
    • VPN
    • Vulnerability Disclosure

Cato SSO - Open Redirect Leading to Config Theft

The web service used during the Cato SSO authentication flow was found to contain an Open Redirect issue, which could allow a remote attacker to …

Read Article
  • Richard Warren Richard Warren
  • David Cash David Cash
  • 31 Jul, 2024
    • Cato
    • VPN
    • Vulnerability Disclosure

Remote Code Execution via Crafted URLs (CVE-2024-6973)

The Cato Client suffers from a Remote Code Execution vulnerability which could be triggered via a URL handler, or via requests to the local webserver.

Read Article
  • Richard Warren Richard Warren
  • David Cash David Cash
  • 31 Jul, 2024
    • Cato
    • VPN
    • Vulnerability
    • Disclosure

Cato Client - Local Root Certificate Install as Low Privileged User (CVE-2024-6978)

The Cato Client allows a low-privileged, local user to install arbitrary Root CA Certificates in the computer’s certificate store.

Read Article
  • 1
  • 2
  • 3
  • 4
  • 5
  • Main Site
  • Privacy

Copyright AmberWolf 2024-2026