Security News > 2023 > September > Atlas VPN zero-day vulnerability leaks users' real IP address
An Atlas VPN zero-day vulnerability affecting the Linux client leaks a user's real IP address simply by visiting a website.
Atlas VPN is a VPN product that offers a cost-effective solution based on WireGuard and supports all major operating systems.
A Reddit user named 'Educational-Map-8145' published a PoC exploit on Reddit that abuses the Atlas VPN Linux API to reveal a user's real IP addresses.
0.0.1:8076/connection/stop API endpoint URL. When this API endpoint is accessed, it automatically terminates any active Atlas VPN sessions that hide a user's IP address.
This is a severe privacy breach for any VPN user as it exposes their approximate physical location and actual IP address, allowing them to be tracked and nullifying one of the core reasons for using a VPN provider.
The vulnerability affects Atlas VPN Linux client version 1.0.3.
News URL
Related news
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
- New Windows zero-day leaks NTLM hashes, gets unofficial patch (source)
- Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability (source)
- BlackLock Ransomware Exposed After Researchers Exploit Leak Site Vulnerability (source)
- Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457) (source)
- PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware (source)