CVE-2025-66575 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

VeeVPN 1.6.1 contains an unquoted service path vulnerability in the VeePNService that allows remote attackers to execute code during startup or reboot with esca…
High CVSS: 8.5

CVE-2025-66575

VeeVPN 1.6.1 contains an unquoted service path vulnerability in the VeePNService that allows remote attackers to execute code during startup or reboot with escalated privileges. Attackers can exploit this by providing a malicious service name, allowing them to inject commands and run as LocalSystem.
Vendor
Veepn
Product
Veepn
CWE
CWE-428
Yayın Tarihi
2025-12-04 21:16:10
Güncelleme
2025-12-30 16:33:54
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-428 Veepn HIGH Veepn 2025

Referanslar

https://github.com/veepn/veepn https://veepn.com/ https://www.exploit-db.com/exploits/52088 https://www.vulncheck.com/advisories/veevpn-161-unquoted-service-path-remote-code-execution https://www.exploit-db.com/exploits/52088