Vulnerabilities > CVE-2022-25226 - Unspecified vulnerability in Cybelsoft Thinvnc 1.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
ThinVNC version 1.0b1 allows an unauthenticated user to bypass the authentication process via 'http://thin-vnc:8080/cmd?cmd=connect' by obtaining a valid SID without any kind of authentication. It is possible to achieve code execution on the server by sending keyboard or mouse events to the server.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |