{"id":51837,"date":"2023-05-09T15:12:51","date_gmt":"2023-05-09T15:12:51","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/34593\/CyberGhost-VPN-Patches-Command-Injection-Vulnerability.html"},"modified":"2023-05-09T15:12:51","modified_gmt":"2023-05-09T15:12:51","slug":"cyberghost-vpn-patches-command-injection-vulnerability","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/cyberghost-vpn-patches-command-injection-vulnerability\/","title":{"rendered":"CyberGhost VPN Patches Command Injection Vulnerability"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/05\/VPN-Mobile.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>Popular virtual private network solution provider CyberGhost VPN has patched a recently discovered command injection vulnerability which exposed its Windows users\u2019 systems to potential compromise.<\/p>\n<p>Adding intrigue to the bug&#8217;s discovery is the pains the researcher who discovered the vulnerability went through to disclose the flaw. The researchers, Ceri Coburn of UK-based security research firm Pen Test Partners, found the bug and said he felt bullied during the disclosure process with bug bounty firm Bugcrowd and the vendor.<\/p>\n<p>In a <a rel=\"noreferrer noopener\" href=\"https:\/\/www.pentestpartners.com\/security-blog\/bullied-by-bugcrowd-over-kape-cyberghost-disclosure\/\" target=\"_blank\">blog post<\/a>, Coburn said the CyberGhost VPN client is susceptible to an elevation of privilege vulnerability. Coburn says the vulnerability is filed under&nbsp;<a rel=\"noreferrer noopener\" href=\"https:\/\/cve.report\/CVE-2023-30237\" target=\"_blank\">CVE-2023-30237<\/a>, which is yet to be published. He said that the flaw impacts approximately 3 million CyberGhost customers. On its <a href=\"https:\/\/www.cyberghostvpn.com\/en_US\/about\" target=\"_blank\" rel=\"noreferrer noopener\">website<\/a>, CyberGhost says it has over 38 million users.<\/p>\n<p>The latest 8.3.10.10015 version of CyberGhost, released on the 24 February 2023 fixes this issue, according to the VPN company. It&#8217;s unclear if the patch was pushed to endpoints running previous versions of the software or if customers need to update instances of the software themselves. Updates to the <a href=\"https:\/\/support.cyberghostvpn.com\/hc\/en-us\/articles\/360016419880-Where-can-I-download-the-latest-version-of-CyberGhost-VPN-\" target=\"_blank\" rel=\"noreferrer noopener\">latest version of CyberGhost can be downloaded here<\/a>.<\/p>\n<p>As for the vulnerability Coburn described it as: \u201cA specially crafted JSON payload sent to the CyberGhost RPC (remote procedure call) service can lead to command line injection when the OpenVPN process is launched, leading to full system compromise.&#8221;<\/p>\n<h2>Bumpy bug reporting<\/h2>\n<p>Coburn said he had previously reported a separate CyberGhost issue to Bugcrowd, one of the largest bug bounty and vulnerability disclosure companies. That issue was deemed to be a configuration problem, which was subsequently fixed, rather than a security issue.<\/p>\n<p>\u201cSo, we at PTP (Pen Test Partners) decided to commission further dedicated research into the CyberGhost client itself. After several days of poking around, a command line injection vulnerability was found. Now some, reading this, might conclude that this was a form of retaliation. To some degree, it was, but not because of missing out on a bounty, I had no interest in that. It was more to do with how the original case was handled and how this affected an ongoing [PTP] Red Team operation. Therefore, I had no intention whatsoever of reporting this new vulnerability via Bugcrowd.\u201d<\/p>\n<p>On January 3 this year, Coburn attempted to report the new vulnerability directly to CyberGhost, beginning what he says was \u201cthe worst disclosure experience\u201d he has ever experienced.<\/p>\n<p>CyberGhost\u2019s support desk referred him to Kape, a digital security software provider who Coburn said \u201cappeared to be the developers behind several well-known consumer VPN products\u201d.<\/p>\n<p>The next day he received an email from Kape saying they had \u201calready covered my concerns via Bugcrowd. Kape had recognized my name from the [previous] Bugcrowd report and assumed it was the same vulnerability\u201d.<\/p>\n<p>\u201cAfter explaining to Kape that this is nothing to do with the original disclosure, they still insisted that I submit via Bugcrowd. Multiple emails later, as I was clearly getting nowhere, I decided to submit the technical details directly to [Kape] since there were humans monitoring this mailbox.\u201d<\/p>\n<h2>&#8220;Breached&#8221; platform penalty box<\/h2>\n<p>That resulted in an email from Bugcrowd telling him he had breached their platform behavior standards by sending an \u201cout of band contact\u201d to Kape. The email said Coburn had been issued a point under a system for tracking researchers who violate Bugcrowd\u2019s rules and code of conduct.<\/p>\n<p>\u201cAfter several rounds of communication with Bugcrowd and explaining my rationale, eventually my code of conduct point was deducted with an apology.\u201d<\/p>\n<p>Kape then moved swiftly to fix the bug, he said.<\/p>\n<p>\u201cI just wish that software vendors would offer direct disclosure routes in addition to bug bounty platforms. Some researchers would prefer the direct approach.\u201d<\/p>\n<p>In a statement from Kape published in Coburn\u2019s post, the company said it was working with Bugcrowd to prevent similar miscommunications happening in the future.<\/p>\n<p>\u201cKape values collaboration and cooperation with security researchers throughout the world, and we invest heavily in ensuring security researchers are heard and that the lines of communication with our security and development teams are always open.\u201d<\/p>\n<p>The disclosure of the vulnerability by Coburn was on January 3, 2023 to CyberGhost. The next day CyberGhost erroneously stated it had already addressed the bug. On March 1, CyberGhost said it was &#8220;in the process of rolling out the fix,&#8221; according to Coburn&#8217;s blog. On March 20, CyberGhost said &#8220;the fix was released on the 24<sup>th<\/sup>&nbsp;February 2023,&#8221; according to Coburn.<\/p>\n<h2>Breaking down the bug: CVE-2023-30237<\/h2>\n<p>The vulnerability, and subsequent proof-of-concept exploit, relies on how CyberGhost parsed data using the native Windows API&nbsp;&#8220;CommandLineToArgvW&#8221; used in tandem with &nbsp;OpenVPN or Wireguard processes.<\/p>\n<p>&#8220;Like many VPN providers, CyberGhost software uses solutions such as OpenVPN or Wireguard to offer VPN services to their customers.&nbsp; Most of these VPN solutions are typically split across an unprivileged UI component that communicates with a privileged Windows service running as SYSTEM.&nbsp; If it\u2019s not fully scrutinized it can lead to elevation of privilege vulnerabilities via this communications channel,&#8221; the researcher wrote.<\/p>\n<p>When a connection request is made by CyberGhost, similar to other VPN services, to connect to a configured city or country via an unprivileged user interface, the details or data are sent to the backed service (MachineNameCyberGhost8Service) and a process (openvpn.exe or the wireguard DLL) is started to establish the underlying VPN connection, according to the post.<\/p>\n<p>&#8220;There are several openvpn command line arguments that can be used to execute other processes or load arbitrary DLL\u2019s such as the&nbsp;<strong>\u2013<\/strong>plugin&nbsp;argument,&#8221; he wrote.<\/p>\n<p>Coburn was able to craft a JavaScript Object Notation (JSON) that instructed Windows systems to download a payload, which could allow malicious code execution on vulnerable systems. &nbsp;<\/p>\n<p>&#8220;The exploit leverages openvpn\u2019s plugin feature to gain code execution, therefore a simple plugin was written that queried the&nbsp;<strong>\u2013remote<\/strong>&nbsp;argument and treated this as a command to execute instead,&#8221; Coburn wrote.<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/34593\/CyberGhost-VPN-Patches-Command-Injection-Vulnerability.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":51838,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[6234],"class_list":["post-51837","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlineprivacyflawpatchcryptography"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>CyberGhost VPN Patches Command Injection Vulnerability 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/cyberghost-vpn-patches-command-injection-vulnerability\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CyberGhost VPN Patches Command Injection Vulnerability 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/cyberghost-vpn-patches-command-injection-vulnerability\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-05-09T15:12:51+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/05\/VPN-Mobile.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cyberghost-vpn-patches-command-injection-vulnerability\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cyberghost-vpn-patches-command-injection-vulnerability\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"CyberGhost VPN Patches Command Injection Vulnerability\",\"datePublished\":\"2023-05-09T15:12:51+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cyberghost-vpn-patches-command-injection-vulnerability\\\/\"},\"wordCount\":996,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cyberghost-vpn-patches-command-injection-vulnerability\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/cyberghost-vpn-patches-command-injection-vulnerability.jpg\",\"keywords\":[\"headline,privacy,flaw,patch,cryptography\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cyberghost-vpn-patches-command-injection-vulnerability\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cyberghost-vpn-patches-command-injection-vulnerability\\\/\",\"name\":\"CyberGhost VPN Patches Command Injection Vulnerability 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cyberghost-vpn-patches-command-injection-vulnerability\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cyberghost-vpn-patches-command-injection-vulnerability\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/cyberghost-vpn-patches-command-injection-vulnerability.jpg\",\"datePublished\":\"2023-05-09T15:12:51+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cyberghost-vpn-patches-command-injection-vulnerability\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cyberghost-vpn-patches-command-injection-vulnerability\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cyberghost-vpn-patches-command-injection-vulnerability\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/cyberghost-vpn-patches-command-injection-vulnerability.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/cyberghost-vpn-patches-command-injection-vulnerability.jpg\",\"width\":1080,\"height\":625},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cyberghost-vpn-patches-command-injection-vulnerability\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,privacy,flaw,patch,cryptography\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlineprivacyflawpatchcryptography\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"CyberGhost VPN Patches Command Injection Vulnerability\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CyberGhost VPN Patches Command Injection Vulnerability 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/cyberghost-vpn-patches-command-injection-vulnerability\/","og_locale":"en_US","og_type":"article","og_title":"CyberGhost VPN Patches Command Injection Vulnerability 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/cyberghost-vpn-patches-command-injection-vulnerability\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-05-09T15:12:51+00:00","og_image":[{"url":"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/05\/VPN-Mobile.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/cyberghost-vpn-patches-command-injection-vulnerability\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/cyberghost-vpn-patches-command-injection-vulnerability\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"CyberGhost VPN Patches Command Injection Vulnerability","datePublished":"2023-05-09T15:12:51+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/cyberghost-vpn-patches-command-injection-vulnerability\/"},"wordCount":996,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/cyberghost-vpn-patches-command-injection-vulnerability\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/05\/cyberghost-vpn-patches-command-injection-vulnerability.jpg","keywords":["headline,privacy,flaw,patch,cryptography"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/cyberghost-vpn-patches-command-injection-vulnerability\/","url":"https:\/\/www.threatshub.org\/blog\/cyberghost-vpn-patches-command-injection-vulnerability\/","name":"CyberGhost VPN Patches Command Injection Vulnerability 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/cyberghost-vpn-patches-command-injection-vulnerability\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/cyberghost-vpn-patches-command-injection-vulnerability\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/05\/cyberghost-vpn-patches-command-injection-vulnerability.jpg","datePublished":"2023-05-09T15:12:51+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/cyberghost-vpn-patches-command-injection-vulnerability\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/cyberghost-vpn-patches-command-injection-vulnerability\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/cyberghost-vpn-patches-command-injection-vulnerability\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/05\/cyberghost-vpn-patches-command-injection-vulnerability.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/05\/cyberghost-vpn-patches-command-injection-vulnerability.jpg","width":1080,"height":625},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/cyberghost-vpn-patches-command-injection-vulnerability\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,privacy,flaw,patch,cryptography","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlineprivacyflawpatchcryptography\/"},{"@type":"ListItem","position":3,"name":"CyberGhost VPN Patches Command Injection Vulnerability"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/51837","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=51837"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/51837\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/51838"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=51837"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=51837"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=51837"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}