It was recently reported that there is a vulnerability affecting VPN providers that allow port forwarding, which could reveal a user’s real IP address. We wanted to let our users know that VyprVPN is not affected by this vulnerability.
What’s the Vulnerability?
As described by Graham Cluley Security News, “Researchers have identified a serious vulnerability affecting VPN providers with port-forwarding services that allows an attacker to obtain the real IP address of a user’s computer.”
The article explains that the attacker is the one who enables port forwarding to “exploit the bug,” and in order to do so they must have an account with the user’s VPN provider, have set up port forwarding and also must know the user’s exit IP address.
Is VyprVPN Affected?
We’ve received some questions about this vulnerability, and wanted to let users know that Golden Frog’s VyprVPN is not affected. Because our connections do not share IP addresses, our service doesn’t need port forwarding, so we do not offer port forwarding. Since the vulnerability requires port forwarding, we are not affected by it.
If you have any additional questions please leave a comment on this blog post and we will respond to you in more detail. More information on the vulnerability can also be found in these articles by IT World and ZDNet.