Researcher Claims Hotspot Shield VPN Service Exposes You on the Internet

A Virtual Private Network (VPN) can be one of the best tools for protecting your privacy and your data on the Internet, but you should be careful to choose a VPN service that truly respects your privacy.

If you use the popular VPN service Hotspot Shield for online anonymity and privacy, you may inadvertently be leaking your real IP address and other sensitive information.

Developed by AnchorFree GmbH, Hotspot Shield is a VPN service available for free on the Google Play Store and the Apple Mac App Store, with an estimated 500 million users worldwide.

The service promises to “secure all online activities,” hide users’ IP addresses and identities, and protect them from tracking by routing their internet and browsing traffic through its encrypted channel.

However, an alleged information disclosure vulnerability discovered in Hotspot Shield exposes user data such as the name of the connected Wi-Fi network, the user’s real IP address (which could reveal their location), and other sensitive information.

The vulnerability, assigned CVE-2018-6460, was discovered and reported to the company by independent security researcher Paulos Yibelo, who published the details on Monday after receiving no response from the company.

According to the researcher, the flaw resides in the local web server (running on the hardcoded host 127.0.0.1 and port 895) that Hotspot Shield installs on the user’s machine.

This server hosts multiple JSONP endpoints that, surprisingly, accept unauthenticated requests and in response can reveal sensitive information about the active VPN service, including its configuration details.

“http://localhost:895/status.js generates a sensitive JSON response that reveals whether the user is connected to VPN, to which VPN he/she is connected to and what their real IP address is & other system juicy information. There are other multiple endpoints that return sensitive data including configuration details,” Yibelo claims.

“User-controlled input is not sufficiently filtered: an unauthenticated attacker can send a POST request to /status.js with the parameter func=$_APPLOG.Rfunc and extract sensitive information about the machine,” the vulnerability description reads.
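To illustrate the bug class described above (an unauthenticated JSONP endpoint on a local server that echoes a caller-supplied callback name and returns the full status record), here is an added Python example contrasting the weak pattern with a hardened one. It is not Hotspot Shield’s or the researcher’s code; the status fields, the shared-token scheme and the function names are assumptions.

```python
import hmac
import json
import re

# Constructed sample status record: stands in for what a local VPN helper service
# might hold. Hypothetical values, not Hotspot Shield's actual data or field names.
SAMPLE_STATUS = {
    "connected": True,
    "country": "US",
    "ssid": "HomeWiFi",
    "real_ip": "203.0.113.7",
}

# A JSONP callback should be a bare JavaScript identifier. Dotted expressions such
# as "$_APPLOG.Rfunc" reach into application objects and are rejected.
CALLBACK_RE = re.compile(r"^[A-Za-z_][A-Za-z0-9_]{0,63}$")


def jsonp_vulnerable(func, status=SAMPLE_STATUS):
    """Weak pattern: no authentication, the caller-chosen callback is interpolated
    unfiltered, and every field (including the real IP) is handed back, so any
    web page open on the machine can read it with a <script> tag."""
    return f"{func}({json.dumps(status)});"


def jsonp_hardened(func, token, expected_token, status=SAMPLE_STATUS):
    """Hardened pattern: require a secret that the local app shares only with its
    own UI, allow only a plain identifier as callback, and expose just the fields
    the UI needs. Returns None when the request must be refused."""
    if token is None or not hmac.compare_digest(token, expected_token):
        return None  # would be an HTTP 403: caller does not hold the app's secret
    if not CALLBACK_RE.fullmatch(func):
        return None  # would be an HTTP 400: callback is not a safe identifier
    public_view = {"connected": status["connected"]}
    return f"{func}({json.dumps(public_view)});"


if __name__ == "__main__":
    print(jsonp_vulnerable("$_APPLOG.Rfunc"))
    print(jsonp_hardened("$_APPLOG.Rfunc", "s3cret", "s3cret"))
    print(jsonp_hardened("renderStatus", "s3cret", "s3cret"))
```

Binding the listener to 127.0.0.1 alone is not a defence here: any site loaded in the user’s browser can issue requests to localhost, so the token and callback checks are what actually close the hole.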

Yibelo has also publicly released proof-of-concept (PoC) exploit code, just a few lines of JavaScript, that could allow an unauthenticated remote attacker to extract sensitive information and configuration data.

However, ZDNet reporter Zack Whittaker tried to verify the researcher’s claim and found that the PoC code only revealed the Wi-Fi network name and country, not the real IP address.

In a statement, an AnchorFree spokesperson acknowledged the vulnerability but denied that it discloses the real IP address, as Yibelo claimed.

“We have found that this vulnerability does not leak the user’s real IP address or any personal information, but may expose some generic information such as the user’s country,” the spokesperson told ZDNet.

The researcher also claims that he was able to leverage this vulnerability to achieve remote code execution.

Hotspot Shield also made headlines in August last year, when the Center for Democracy and Technology (CDT), a US non-profit advocacy group for digital rights, accused the service of allegedly tracking, intercepting and collecting its customers’ data.
