Home | Research | Resources | Advisories | CactusVPN for MacOS
Root Privilege Escalation | setuid
CVE ID
CVE-2018-7281
VENDOR
CactusVPN
PRODUCT
CactusVPN
Product version
CactusVPN for MacOS < 5.3.6
Vulnerability Details
The CactusVPN for MacOS contains a root privilege escalation vulnerability through a setuid root binary called runme. The binary takes a single command line argument and passes this to a system()
call, thus allowing low privileged users to execute commands as root.
Learn More →
Vendor response
CactusVPN has remediated the vulnerability.
Disclosure timeline
02-16-2018 - Vendor contacted via Twitter 02-16-2018 - Vendor contacted via Facebook 02-16-2018 - Vendor response and disclosure 02-17-2018 - Vendor responded that team is working on update 02-20-2018 - VerSprite confirmed the ETA release of the patched sofware 02-20-2018 - Vendor sent patched software for validation 02-21-2018 - VerSprite validated the vulnerability had been fixed 02-21-2018 - Vendor notified of advisory release