Vida da cidade

Presenting new technologies and the power of AI

Zero-day flaw in Atlas VPN Linux client exposes users' IP addresses

By Mampho Brescia

September 7, 2023
A critical zero-day vulnerability has been discovered in the Linux client of the popular virtual private network (VPN) service Atlas VPN. The flaw, brought to light by a Reddit user named “Educational-Map-8145,” affects the latest version of the client (1.0.3) and allows a malicious website to disconnect the VPN and expose the user’s IP address. This raises concerns about user privacy and the overall security of the VPN service.

The vulnerability is attributed to an API endpoint in the Atlas VPN Linux client that listens on localhost on port 8076. The API requires no authentication at all, so any program running on the user’s computer, including a web browser, can call it. As a result, any website the user visits can trigger a VPN disconnection and then observe the user’s home IP address.

Addressing the seriousness of the issue, Mayuresh Dani, the manager of threat research at Qualys, explained that VPNs are often situated at the perimeter, acting as a gateway to internal and external networks. As a result, VPN clients become an attractive target for both external and internal bad actors, increasing the attack surface.

Security experts advise Atlas VPN users to exercise caution while browsing the web until a patch or solution is provided to address this critical vulnerability. The exploit code shared by the researcher demonstrates the potential risk, highlighting the need for immediate action.

Shawn Surber, Senior Director of Technical Account Management at Tanium, commented that the vulnerability bypasses Cross-Origin Resource Sharing (CORS) protection by using a simple command. This command effectively turns off the VPN, exposing the user’s IP address and general location.
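The two weaknesses the article describes, an unauthenticated localhost API and a browser being able to reach it cross-origin, are what a local control endpoint has to defend against. The following is an added example written for this page, not Atlas VPN's code: a minimal localhost control server that gates its state-changing endpoint behind a per-install secret token (which a web page cannot read from disk) and refuses any request that carries a browser Origin or Referer header. The port 8076 comes from the article; the header name `X-Local-Api-Token`, the `/disconnect` path and the token handling are assumptions made for the example.

```python
import hmac
import secrets
from http.server import BaseHTTPRequestHandler, HTTPServer

# Port named in the article; everything else here (header name, endpoint path,
# token handling) is an assumption made for this example.
LISTEN_ADDR = ("127.0.0.1", 8076)
TOKEN_HEADER = "X-Local-Api-Token"


def make_token() -> str:
    """Generate a per-install secret. A real client would write it to a file
    readable only by the user's account; a web page cannot read local files,
    so it can never present the token."""
    return secrets.token_hex(32)


def authorize(headers: dict, expected_token: str) -> tuple:
    """Decide whether a state-changing request may proceed.

    `headers` maps request header names (any case) to values.
    Returns (allowed, reason).
    """
    lower = {k.lower(): v for k, v in headers.items()}

    # Defense in depth: a native local client never sends Origin or Referer,
    # while a browser attaches Origin to every cross-site POST. Some simple
    # GETs (e.g. from an <img> tag) carry no Origin, which is why the token
    # check below, not this one, is the primary gate.
    if "origin" in lower or "referer" in lower:
        return False, "browser-originated request rejected"

    presented = lower.get(TOKEN_HEADER.lower(), "")
    # Constant-time comparison so the token cannot be recovered via timing.
    if not presented or not hmac.compare_digest(
        presented.encode("utf-8"), expected_token.encode("utf-8")
    ):
        return False, "missing or invalid local API token"
    return True, "ok"


class ControlHandler(BaseHTTPRequestHandler):
    """Minimal control endpoint. Only POST changes state."""

    token = ""  # set by run_server()

    def do_POST(self):
        if self.path != "/disconnect":
            self.send_error(404)
            return
        allowed, reason = authorize(dict(self.headers.items()), self.token)
        if not allowed:
            self.send_error(403, reason)
            return
        # A real client would tear down the tunnel here.
        self.send_response(200)
        self.send_header("Content-Type", "text/plain")
        self.end_headers()
        self.wfile.write(b"disconnected\n")

    def do_OPTIONS(self):
        # Requiring a custom header turns every cross-origin call into a CORS
        # preflight; answering without Access-Control-Allow-* headers makes
        # the browser refuse to send the real request.
        self.send_error(403, "cross-origin access not permitted")

    def log_message(self, fmt, *args):
        pass  # keep the example quiet; a real client would log rejections


def run_server():
    ControlHandler.token = make_token()
    print(f"token for local clients: {ControlHandler.token}")
    HTTPServer(LISTEN_ADDR, ControlHandler).serve_forever()


if __name__ == "__main__":
    run_server()
```

The token is the real control: a browser page can reach 127.0.0.1:8076, but it cannot read the token from the user's filesystem, so it cannot satisfy `authorize`. The Origin/Referer rejection and the refused preflight are additional layers that stop the browser's cross-origin machinery from ever delivering a valid-looking request.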

Despite attempts by Educational-Map-8145 to contact Atlas VPN’s support for responsible disclosure or information on a bug bounty program, no response has been received. Infosecurity reached out to Atlas VPN for an official statement regarding the security concern but has also not received a response at the time of writing.

In light of this critical flaw, it is crucial for VPN users to remain vigilant and stay aware of potential risks until a fix is implemented.

Sources:
- Source article

