CVE-2020-29238

Severity CVSS v4.0:
Pending analysis
Type:
CWE-190 Integer Overflow or Wraparound
Publication date:
10/03/2021
Last modified:
22/07/2022

Description

An integer buffer overflow in the Nginx webserver of ExpressVPN Router version 1 allows remote attackers to obtain sensitive information when the server running as reverse proxy via specially crafted request.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:expressvpn:expressvpn:1.0:*:*:*:*:*:*:*