CNNVD-202509-4429 Information

CNNVD ID

CNNVD-202509-4429

Related CVE

CVE-2025-11130

• CNNVD Published: 2025-09-29

Description (Chinese)

pptp-vpn是iHongRen个人开发者的一个VPN客户端。 pptp-vpn 1.0版本和1.0.1版本存在访问控制错误漏洞，该漏洞源于XPC Service组件中文件HelpTool/HelperTool.m的函数shouldAcceptNewConnection缺少身份验证，可能导致本地攻击。

Description (English)

pptp-vpn is a VPN client for iHongRen personal developer. Versions 1.0 and 1.0.1 of pptp-vpn have access control error loopholes, which stem from the lack of identification in the XPC Service component of document HelpTool/HelperTool.m.

Hazard Level

Medium

Vulnerability Type

访问控制错误

Affected Vendor

个人开发者

Published

2025-09-29

Last Modified

2026-02-24

References

https://github.com/SwayZGl1tZyyy/n-days/blob/main/pptp-vpn/README.md https://vuldb.com/?ctiid.326210 https://vuldb.com/?id.326210 https://vuldb.com/?submit.655456 https://access.redhat.com/security/cve/cve-2025-11130