RSS   Vulnerabilities for 'Thinvnc'   RSS

2022-04-18
 
CVE-2022-25226

CWE-287
 

 
ThinVNC version 1.0b1 allows an unauthenticated user to bypass the authentication process via 'http://thin-vnc:8080/cmd?cmd=connect' by obtaining a valid SID without any kind of authentication. It is possible to achieve code execution on the server by sending keyboard or mouse events to the server.

 


Copyright 2024, cxsecurity.com

 

Back to Top