Cybersecurity specialists from Fidus Information Security reported the detection of a critical zero-day vulnerability in Virgin Media Super Hub 3 whose successful exploitation would allow threat actors to reveal the real IP addresses of VPN users.
Tracked as CVE-2019-16651, the flaw was reported almost two years ago, although given its nature and delay in correction the technical details are known until now.
The researchers also claimed to have postponed their investigation for a year at the request of Virgin, which later acknowledged that its security teams were already working to find a solution to this flaw, described as an “external problem that could affect a small set of VPN clients.”
During its tests, Fidus was able to mount a DNS relay attack that revealed the IP address of a VPN user, for which it was only enough to redirect the target to a malicious website for a few seconds: “This attack variant turns the victim’s browser into a lethal weapon,” experts claim.
Experts managed to find the real IP addresses of multiple targets using some of the most popular VPN services today. It is important to mention that some providers seem to have this possibility, since in cases like this they can block access to a local IP address by default.
Still, experts believe that the risk to the privacy of millions of VPN users should not be underestimated, as this flaw is easily exploitable in the wild: “In theory, this flaw could be used on any popular website, rev ..
Support the originator by clicking the read the rest link below.
