CVE-2024-57426

Name of the Vulnerable Software and Affected Versions NetMod VPN Client version 5.3.1

Description The issue arises due to the improper validation of dynamically loaded libraries, allowing an attacker to execute arbitrary code by placing a malicious DLL in a directory where the application loads dependencies. This enables remote code execution.

Recommendations For NetMod VPN Client version 5.3.1, as a temporary workaround, consider restricting the loading of dependencies from untrusted directories to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.