Hola VPN CVE-2017-16757 Local Privilege Escalation Vulnerability

Hola VPN is prone to a local privilege escalation vulnerability.

A local attacker can leverage this issue to gain elevated privileges.

Hola VPN version 1.34 is affected.

Information

Bugtraq ID: 101787
Class: Design Error
CVE: CVE-2017-16757

Remote: No
Local: Yes
Published: May 03 2016 12:00AM
Updated: Nov 13 2017 03:06PM
Credit: Vulnerability Laboratory [Research Team] - SaifAllah benMassaoud.
Vulnerable: Hola VPN 1.34

Not Vulnerable:

Exploit

The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.

References:

• Hola Homepage (Hola)
  
• Hola VPN v1.34 - Privilege Escalation Vulnerability (vulnerability-lab)
  

Source: www.securityfocus.com