A serious vulnerability existed in NordVPN payment systems. Exploiting the flaw required sending an HTTP POST request that exposed NordVPN users’ details to anyone.
Reportedly, NordVPN has patched a serious flaw that could have exposed users’ details to others. First discovered by a bug bounty hunter, the vulnerability existed in their payments system.
The researcher with alias foo bar on HackerOne reported this vulnerability to NordVPN in December 2019. He found that sending a HTTP POST request without any authentication to join.nordvpn.com could let anyone view other users’ data. Doing so was simple; the attacker could simply change the numbers in the id and user_id to get the details of other users.
The said vulnerability received a high-severity rating with a score of 7 to 8.9. Upon reporting the flaw, not only NordVPN patched the vulnerability, but also awarded the researcher with a $1000 bounty.
Though, it remains unclear whether NordVPN has notified its users about the flaw, they did assure fixing of the bug. As per the statement of Jody Myers, spokesperson NordVPN, to TheRegister,