2 vulnerabilities by cybelsoft
CVE-2022-25226 (GCVE-0-2022-25226)
Vulnerability from cvelistv5 – Published: 2022-04-18 16:20 – Updated: 2024-08-03 04:36
Summary
ThinVNC version 1.0b1 allows an unauthenticated user to bypass the authentication process: a request to 'http://thin-vnc:8080/cmd?cmd=connect' returns a valid SID without any kind of authentication. With that SID, it is possible to achieve code execution on the server by sending keyboard or mouse events to the server.
Severity
No CVSS data available.
CWE
- Authentication Bypass
Assigner: Fluid Attacks
References
1 reference
| URL | Tags |
|---|---|
| https://fluidattacks.com/advisories/sinatra/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:06.608Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://fluidattacks.com/advisories/sinatra/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ThinVNC",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "1.0b1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ThinVNC version 1.0b1 allows an unauthenticated user to bypass the authentication process via \u0027http://thin-vnc:8080/cmd?cmd=connect\u0027 by obtaining a valid SID without any kind of authentication. It is possible to achieve code execution on the server by sending keyboard or mouse events to the server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-18T16:20:44.000Z",
"orgId": "84fe0718-d6bb-4716-a7e8-81a6d1daa869",
"shortName": "Fluid Attacks"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://fluidattacks.com/advisories/sinatra/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "help@fluidattacks.com",
"ID": "CVE-2022-25226",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ThinVNC",
"version": {
"version_data": [
{
"version_value": "1.0b1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ThinVNC version 1.0b1 allows an unauthenticated user to bypass the authentication process via \u0027http://thin-vnc:8080/cmd?cmd=connect\u0027 by obtaining a valid SID without any kind of authentication. It is possible to achieve code execution on the server by sending keyboard or mouse events to the server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fluidattacks.com/advisories/sinatra/",
"refsource": "MISC",
"url": "https://fluidattacks.com/advisories/sinatra/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "84fe0718-d6bb-4716-a7e8-81a6d1daa869",
"assignerShortName": "Fluid Attacks",
"cveId": "CVE-2022-25226",
"datePublished": "2022-04-18T16:20:44.000Z",
"dateReserved": "2022-02-15T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:36:06.608Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-17662 (GCVE-0-2019-17662)
Vulnerability from cvelistv5 – Published: 2019-10-16 17:24 – Updated: 2024-08-05 01:47
Summary
ThinVNC 1.0b1 is vulnerable to arbitrary file read, which leads to a compromise of the VNC server. The vulnerability exists even when authentication is turned on during the deployment of the VNC server. The password for authentication is stored in cleartext in a file that can be read via a ../../ThinVnc.ini directory traversal attack vector.
Severity
No CVSS data available.
CWE
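- n/a (the record assigns no CWE; its description describes a directory traversal leading to arbitrary file read. The record's structured product, vendor and version fields are also "n/a" — ThinVNC 1.0b1 is named only in the description, so matching on the structured fields alone may miss this entry.)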
Assigner: mitre
References
4 references
| URL | Tags |
|---|---|
| https://redteamzone.com/ThinVNC/ | x_refsource_MISC |
| https://github.com/shashankmangal2/Exploits/blob/… | x_refsource_MISC |
| https://github.com/bewest/thinvnc/issues/5 | x_refsource_MISC |
| http://packetstormsecurity.com/files/154896/ThinV… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:47:13.477Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://redteamzone.com/ThinVNC/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shashankmangal2/Exploits/blob/master/ThinVNC-RemoteAccess/POC.py"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bewest/thinvnc/issues/5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154896/ThinVNC-1.0b1-Authentication-Bypass.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ThinVNC 1.0b1 is vulnerable to arbitrary file read, which leads to a compromise of the VNC server. The vulnerability exists even when authentication is turned on during the deployment of the VNC server. The password for authentication is stored in cleartext in a file that can be read via a ../../ThinVnc.ini directory traversal attack vector."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-17T16:06:07.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://redteamzone.com/ThinVNC/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shashankmangal2/Exploits/blob/master/ThinVNC-RemoteAccess/POC.py"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bewest/thinvnc/issues/5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154896/ThinVNC-1.0b1-Authentication-Bypass.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17662",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ThinVNC 1.0b1 is vulnerable to arbitrary file read, which leads to a compromise of the VNC server. The vulnerability exists even when authentication is turned on during the deployment of the VNC server. The password for authentication is stored in cleartext in a file that can be read via a ../../ThinVnc.ini directory traversal attack vector."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://redteamzone.com/ThinVNC/",
"refsource": "MISC",
"url": "https://redteamzone.com/ThinVNC/"
},
{
"name": "https://github.com/shashankmangal2/Exploits/blob/master/ThinVNC-RemoteAccess/POC.py",
"refsource": "MISC",
"url": "https://github.com/shashankmangal2/Exploits/blob/master/ThinVNC-RemoteAccess/POC.py"
},
{
"name": "https://github.com/bewest/thinvnc/issues/5",
"refsource": "MISC",
"url": "https://github.com/bewest/thinvnc/issues/5"
},
{
"name": "http://packetstormsecurity.com/files/154896/ThinVNC-1.0b1-Authentication-Bypass.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154896/ThinVNC-1.0b1-Authentication-Bypass.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-17662",
"datePublished": "2019-10-16T17:24:07.000Z",
"dateReserved": "2019-10-16T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:47:13.477Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}