cve/2018/CVE-2018-4007.md

### [CVE-2018-4007](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4007)
![](https://img.shields.io/static/v1?label=Product&message=Shimo%20VPN&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=local%20privilege%20escalation&color=brighgreen)

### Description

An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the deleteConfig functionality. The program is able to delete any protected file on the system. An attacker would need local access to the machine to successfully exploit the bug.

### POC

#### Reference
- https://talosintelligence.com/vulnerability_reports/TALOS-2018-0676

#### Github
No PoCs found on GitHub currently.
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2018-4007](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4007)`
			`![](https://img.shields.io/static/v1?label=Product&message=Shimo%20VPN&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=local%20privilege%20escalation&color=brighgreen)`

			`### Description`

			`An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the deleteConfig functionality. The program is able to delete any protected file on the system. An attacker would need local access to the machine to successfully exploit the bug.`

			`### POC`

			`#### Reference`
			`- https://talosintelligence.com/vulnerability_reports/TALOS-2018-0676`

			`#### Github`
			`No PoCs found on GitHub currently.`