PureVPN Vulnerability Exposes Users’ IPv6 Address While Toggling Wi-Fi CyberDudeBivash Threat Intelligence Report
Executive Summary A vulnerability in PureVPN (Linux client, GUI v2.10.0 & CLI v2.0.1) leaks users’ IPv6 address when Wi-Fi reconnections occur or after system suspend/resume. Cyber Security News +1 IPv6 kill-switch protections fail to reapply properly; firewall rules are reset/erased and not restored after disconnect, leaving the system more exposed. Cyber Security News +2 Anagogistis +2 Affects users on Ubuntu 24.04.3 LTS with kernel 6.8.0 and iptables-nft backend. Cyber Security News +1 Real risk for anyone using PureVPN for privacy: websites, emails, etc. may leak IPv6 traffic in periods when user expects full protection. Affected Systems & Conditions PureVPN Linux GUI v2.10.0 and CLI v2.0.1 clients. Cyber Security News +2 BigGo +2 OS: Ubuntu Linux 24.04.3 LTS, kernel 6.8.0. The iptables/nft backend environment. Cyber Security News +1 Situations: toggling WiFi (disconnect/reconnect), system resume from suspend, or possibly after network stat...