Researcher Claims Hotspot Shield VPN Service Exposes You on the Internet


A Virtual Private Network (VPN) is one of the best solutions you can have to protect your privacy and data on the Internet, but you should be vigilant when choosing a VPN service that truly respects your privacy.

If you are using the well-known VPN service Hotspot Shield for online anonymity and privacy, you may inadvertently be leaking your real IP address and other sensitive information.

Developed by AnchorFree GmbH, Hotspot Shield is a VPN service available for free on Google Play Store and Apple Mac App Store, with an estimated 500 million users around the world.

The service promises to “secure all online activities,” hide users’ IP addresses and identities, and protect them from tracking by transferring their internet and browsing traffic through its encrypted channel.

However, an ‘alleged’ information disclosure vulnerability discovered in Hotspot Shield results in the exposure of user data, such as the name of the Wi-Fi network (if connected), real IP addresses, which could reveal location, and other sensitive information.

The vulnerability, assigned CVE-2018-6460, was discovered and reported to the company by an independent security researcher, Paulos Yibelo, but he made details of the vulnerability public on Monday after not receiving a response from the company.

According to the researcher, the flaw resides in the local web server (which runs on a hardcoded host and port 895) that Hotspot Shield installs on the user’s machine.

This server hosts multiple JSONP endpoints, which are surprisingly accessible to unauthenticated requests as well and which in response could reveal sensitive information about the active VPN service, including its configuration details.

“http://localhost:895/status.js generates a sensitive JSON response which reveals whether the user is connected to VPN, to which VPN he/she is connected, and what their real IP address is & other juicy system information. There are multiple other endpoints which return sensitive data including configuration details,” Yibelo claims.

“User-controlled input is not sufficiently filtered: an unauthenticated attacker can send a POST request to /status.js with the parameter func=$_APPLOG.Rfunc and extract sensitive information about the machine,” the vulnerability description reads.
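The pattern described above, modelled as an added example (not code from the article, the researcher or AnchorFree): an unauthenticated JSONP status handler beside a hardened one. The status fields, the `x-local-token` header and the `CFG` object are assumptions made for illustration; only the `func` parameter and port 895 come from the article.

```javascript
// Constructed model of a localhost status endpoint; field names, header name
// and config are assumptions for illustration, not Hotspot Shield's code.
const STATUS = { connected: true, country: "US", ssid: "example-wifi" }; // constructed sample data
const CFG = { allowedHosts: ["localhost:895", "127.0.0.1:895"],
              uiOrigin: "http://localhost:895", token: "constructed-token-0001" };

// Weak pattern: any page the browser loads can include this URL in a
// <script> tag, and the reply is executable script carrying the data.
function weakStatusHandler(req) {
  const func = req.params.func || "callback";
  return {
    status: 200,
    type: "application/javascript",
    body: `${func}(${JSON.stringify(STATUS)});`, // caller-chosen text emitted unfiltered
  };
}

// Hardened pattern: no JSONP at all, a per-install secret is required,
// and requests with a foreign Origin or unexpected Host are refused.
function hardenedStatusHandler(req, cfg) {
  const deny = (status, reason) =>
    ({ status, type: "application/json", body: JSON.stringify({ error: reason }) });
  // Host check blunts DNS rebinding against the loopback listener.
  if (!cfg.allowedHosts.includes(req.headers.host)) return deny(403, "bad host");
  // Browsers attach Origin to cross-site fetch/XHR; only the local UI origin may call.
  const origin = req.headers.origin;
  if (origin !== undefined && origin !== cfg.uiOrigin) return deny(403, "bad origin");
  // A <script> include cannot set custom headers, so a header token
  // separates the local client from an arbitrary web page.
  if (!sameToken(req.headers["x-local-token"], cfg.token)) return deny(401, "bad token");
  // A callback parameter is rejected outright instead of being filtered.
  if ("func" in req.params) return deny(400, "jsonp not supported");
  return {
    status: 200,
    type: "application/json",
    headers: { "X-Content-Type-Options": "nosniff" },
    body: JSON.stringify(STATUS),
  };
}

// Length-checked comparison that does not return early on the first mismatch.
function sameToken(given, expected) {
  if (typeof given !== "string" || given.length !== expected.length) return false;
  let diff = 0;
  for (let i = 0; i < expected.length; i++) diff |= given.charCodeAt(i) ^ expected.charCodeAt(i);
  return diff === 0;
}
```
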

Yibelo has also publicly released proof-of-concept (PoC) exploit code, just a few lines of JavaScript, which could allow an unauthenticated, remote attacker to extract sensitive information and configuration data.

However, ZDNet reporter Zack Whittaker tried to verify the researcher’s claim and found that the PoC code only revealed the Wi-Fi network name and country, but not the real IP address.

In a statement, an AnchorFree spokesperson acknowledged the vulnerability but denied the disclosure of real IP addresses as claimed by Yibelo.

“We have found that this vulnerability does not leak the user’s real IP address or any personal information, but may expose some generic information such as the user’s country,” the spokesperson told ZDNet.

The researcher also claims that he was able to leverage this vulnerability to achieve remote code execution.

Hotspot Shield also made headlines in August last year, when the Centre for Democracy and Technology (CDT), a US non-profit advocacy group for digital rights, accused the service of allegedly tracking, intercepting and collecting its customers’ data.
