CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2017-7720
https://notcve.org/view.php?id=CVE-2017-7720
26 Apr 2017 — Buffer overflow in PrivateTunnel 2.7 and 2.8 allows local attackers to cause a denial of service (SEH overwrite) or possibly have unspecified other impact via a long password. Un desbordamiento de buffer en PrivateTunnel 2.7 y 2.8 permite a un atacante local causar una denegación de servicio (sobreescritura de SEH) a través de una contraseña larga. • https://www.exploit-db.com/exploits/41916 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 4CVE-2014-5455 – OpenVPN Private Tunnel Core Service - Unquoted Service Path Privilege Escalation
https://notcve.org/view.php?id=CVE-2014-5455
25 Aug 2014 — Unquoted Windows search path vulnerability in the ptservice service prior to PrivateTunnel version 3.0 (Windows) and OpenVPN Connect version 3.1 (Windows) allows local users to gain privileges via a crafted program.exe file in the %SYSTEMDRIVE% folder. Vulnerabilidad de la ruta de búsqueda de Windows sin entrecomillar en el servicio ptservice anterior a la versión 3.0 de PrivateTunnel (Windows) y a la versión 3.1 de OpenVPN Connect (Windows) permite a los usuarios locales obtener privilegios a través de un ... • https://www.exploit-db.com/exploits/34037 • CWE-428: Unquoted Search Path or Element •