Vulnerability CVE-2022-25227
Published: 2022-05-20

Description:
Thinfinity VNC v4.0.0.1 contains a Cross-Origin Resource Sharing (CORS) vulnerability which can allow an unprivileged remote attacker, if they can trick a user into browse malicious site, to obtain an 'ID' that can be used to send websocket requests and achieve RCE.

 References:
https://fluidattacks.com/advisories/lennon/
Copyright 2024, cxsecurity.com

 

Back to Top