20Şub
CVE-2023-7245 | OpenVPN Connect Node.js Framework ELECTRON_RUN_AS_NODE neutralization of directives
A vulnerability has been found in OpenVPN Connect and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Node.js Framework. The manipulation of the argument ELECTRON_RUN_AS_NODE leads to improper neutralization of directives in dynamically evaluated code ('eval injection'). This vulnerability is known as CVE-2023-7245. Attacking locally is a requirement. There is no exploit available.