Security Advisory

CVE-2025-66575

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-04 20:46:08

Last updated 2025-12-05 17:44:47

Assigner VulnCheck

State PUBLISHED

Description

VeeVPN 1.6.1 contains an unquoted service path vulnerability in the VeePNService that allows remote attackers to execute code during startup or reboot with escalated privileges. Attackers can exploit this by providing a malicious service name, allowing them to inject commands and run as LocalSystem.

← Browse all CVEs View on cve.org ↗