CVE-2025-11130 | iHongRen pptp-vpn 1.0/1.0.1 on macOS XPC Service HelpTool/HelperTool.m shouldAcceptNewConnection missing authentication

A vulnerability identified as critical has been detected in iHongRen pptp-vpn 1.0/1.0.1 on macOS. This issue affects the function shouldAcceptNewConnection of the file HelpTool/HelperTool.m of the component XPC Service. This manipulation causes missing authentication.

The identification of this vulnerability is CVE-2025-11130. The attack can only be executed locally. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-11130 | iHongRen pptp-vpn 1.0/1.0.1 on macOS XPC Service HelpTool/HelperTool.m shouldAcceptNewConnection missing authentication

Post correlati

CVE-2025-9526 | Linksys E1700 1.0.0.4.003 /goform/setSysAdm rm_port stack-based overflow

CVE-2024-13789 | matiskiba ravpage Plugin up to 2.31 on WordPress paramsv2 deserialization

CVE-2022-4975 | Red Hat Advanced Cluster Security Portal /main/configmanagement/ cross site scripting

CVE-2025-54454 | Samsung Electronics MagicINFO 9 Server 21.1050/21.1052 hard-coded credentials