PureVPN Vulnerability Exposes Users' IPv6 Address While Toggling Wi-Fi
This undermines privacy guarantees and leaves systems more exposed than before VPN use, with critical failures in the kill-switch and firewall handling modules.
Anagogistis stated that during testing on Ubuntu 24.04.3 LTS with kernel 6.8.0 and the iptables-nft backend, both the PureVPN GUI (v2.10.0) and CLI (v2.0.1) clients failed to reapply IPv6 kill-switch protections after toggling Wi-Fi or resuming from suspend.
With the IKS (IPv6 kill-switch) feature enabled, the CLI client automatically reconnects and reports the status as “connected.” However, the system regains a default IPv6 route via Router Advertisements (fe80::1) before the client can reinstate ip6tables rules.
Because ip6tables OUTPUT retains its default ACCEPT policy, IPv6 traffic resumes off-tunnel. In GUI mode, the client’s disconnect dialog correctly blocks IPv4 but neglects IPv6, allowing leaks until the user manually clicks Reconnect.
In real-world scenarios, this meant that IPv6-preferred websites loaded with the ISP-assigned address and email clients like Thunderbird continued sending SMTP traffic outside the VPN tunnel, despite the interface indicating full protection.
A second critical flaw is the client’s handling of host firewall rules. At VPN connection, PureVPN wipes existing iptables configurations: the default chain policies are reset to ACCEPT, and all custom and UFW chains, such as Docker jumps or user-defined rules, are flushed, Anagogistis said.
Upon disconnect, these changes are not reverted, leaving the INPUT and OUTPUT chains set to ACCEPT. The sequence is demonstrated below:
After disconnect, no custom rules remain, and SSH, ping, and other traffic are no longer filtered.
This behavior contradicts user expectations and defeats local deny-by-default strategies, effectively exposing services and enabling unwanted inbound connections.
Both issues have practical consequences for privacy-conscious Linux users relying on PureVPN for secure connectivity.
Until PureVPN addresses these flaws, users should exercise caution, consider disabling IPv6 at the OS level, and manually manage firewall rules or switch to clients with verified kill-switch reliability.
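For anyone managing firewall rules by hand in the meantime, the following added example (not from the article, the researcher or PureVPN) checks for both conditions described above: host firewall rules lost between a baseline and a later snapshot, and an off-tunnel default IPv6 route while ip6tables OUTPUT is open. It takes text from `iptables-save`, `ip6tables-save` and `ip -6 route show default`; the tunnel interface name `tun0` and all sample data are assumptions constructed for illustration.

```python
import re

def parse_save(text):
    """Parse iptables-save / ip6tables-save text into (policies, rules)."""
    policies, rules, table = {}, set(), None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("*"):
            table = line[1:]
        elif line.startswith(":"):
            chain, policy = line[1:].split()[:2]
            policies[(table, chain)] = policy  # "-" marks a user-defined chain
        elif line.startswith("-A"):
            rules.add((table, line))
    return policies, rules

def firewall_regressions(before, after):
    """List chains, policies and rules the baseline had that 'after' lost."""
    (p0, r0), (p1, r1) = parse_save(before), parse_save(after)
    findings = []
    for (table, chain), pol in sorted(p0.items()):
        if (table, chain) not in p1:
            findings.append(f"chain removed: {table}/{chain}")
        elif pol != p1[(table, chain)]:
            findings.append(f"policy changed: {table}/{chain} {pol} -> {p1[(table, chain)]}")
    return findings + [f"rule removed: {t}: {r}" for t, r in sorted(r0 - r1)]

def ipv6_leak_possible(ip6_save, default_routes, tunnel_if):
    """True if a default IPv6 route uses a non-tunnel interface while OUTPUT is open."""
    policies, rules = parse_save(ip6_save)
    # Heuristic: any DROP/REJECT rule directly in OUTPUT counts as a kill switch.
    blocked = any(t == "filter" and re.match(r"-A OUTPUT\b.*-j (DROP|REJECT)", r) for t, r in rules)
    open_output = policies.get(("filter", "OUTPUT"), "ACCEPT") == "ACCEPT" and not blocked
    devs = re.findall(r"^default .*\bdev (\S+)", default_routes, re.M)
    return open_output and any(d != tunnel_if for d in devs)

# Constructed sample data (not captured from a real system).
BEFORE = """*filter
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
:ufw-user-input - [0:0]
-A INPUT -j ufw-user-input
-A ufw-user-input -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT"""
AFTER = "*filter\n:INPUT ACCEPT [0:0]\n:OUTPUT ACCEPT [0:0]\nCOMMIT"
IP6_AFTER = "*filter\n:OUTPUT ACCEPT [0:0]\nCOMMIT"
ROUTES = "default via fe80::1 dev wlp2s0 proto ra metric 600 pref medium"
if __name__ == "__main__":
    print("\n".join(firewall_regressions(BEFORE, AFTER)))
    print("IPv6 leak possible:", ipv6_leak_possible(IP6_AFTER, ROUTES, "tun0"))
```

Take the baseline snapshot before the first VPN connection and run the comparison after each disconnect, resume or Wi-Fi toggle.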
The post PureVPN Vulnerability Exposes Users' IPv6 Address While Toggling Wi-Fi appeared first on Cyber Security News.