CVE-2025-11130 | iHongRen pptp-vpn 1.0/1.0.1 on macOS XPC Service HelpTool/HelperTool.m shouldAcceptNewConnection missing authentication

September 28, 2025 Yanac

A vulnerability identified as critical has been detected in iHongRen pptp-vpn 1.0/1.0.1 on macOS. This issue affects the function shouldAcceptNewConnection of the file HelpTool/HelperTool.m of the component XPC Service. This manipulation causes missing authentication.

The identification of this vulnerability is CVE-2025-11130. The attack can only be executed locally. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More