Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zscaler client connector vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-26735
The Zscaler Client Connector Installer and Unsintallers for Windows before 3.6 had an unquoted search path vulnerability. A local adversary may be able to execute code with SYSTEM privileges.
Zscaler Client Connector
NA
CVE-2021-26736
Multiple vulnerabilities in the Zscaler Client Connector Installer and Uninstaller for Windows before 3.6 allowed execution of binaries from a low privileged path. A local adversary may be able to execute code with SYSTEM privileges.
Zscaler Client Connector
NA
CVE-2021-26737
The Zscaler Client Connector for macOS before 3.6 did not sufficiently validate RPC clients. A local adversary without sufficient privileges may be able to shutdown the Zscaler tunnel by exploiting a race condition.
Zscaler Client Connector
NA
CVE-2021-26738
Zscaler Client Connector for macOS before 3.7 had an unquoted search path vulnerability via the PATH variable. A local adversary may be able to execute code with root privileges.
Zscaler Client Connector
NA
CVE-2023-28793
Buffer overflow vulnerability in the signelf library used by Zscaler Client Connector on Linux allows Code Injection. This issue affects Zscaler Client Connector for Linux: prior to 1.3.1.6.
Zscaler Client Connector
NA
CVE-2023-28794
Origin Validation Error vulnerability in Zscaler Client Connector on Linux allows Privilege Abuse. This issue affects Zscaler Client Connector for Linux: prior to 1.3.1.6.
Zscaler Client Connector
NA
CVE-2023-28795
Origin Validation Error vulnerability in Zscaler Client Connector on Linux allows Inclusion of Code in Existing Process. This issue affects Zscaler Client Connector for Linux: prior to 1.3.1.6.
Zscaler Client Connector
NA
CVE-2023-28796
Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on Linux allows Code Injection. This issue affects Zscaler Client Connector for Linux: prior to 1.3.1.6.
Zscaler Client Connector
NA
CVE-2023-28797
Zscaler Client Connector for Windows prior to 4.1 writes/deletes a configuration file inside specific folders on the disk. A malicious user can replace the folder and execute code as a privileged user.
Zscaler Client Connector
NA
CVE-2023-28799
A URL parameter during login flow was vulnerable to injection. An attacker could insert a malicious domain in this parameter, which would redirect the user after auth and send the authorization token to the redirected domain.
Zscaler Client Connector
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »