2 matches found
CVE-2019-17662
ThinVNC 1.0b1 is vulnerable to an arbitrary file read via a ../../ThinVnc.ini directory traversal, allowing an attacker to read the password file and bypass authentication even when authentication is enabled. The root cause is a directory traversal flaw that exposes the authentication file in cle...
CVE-2022-25226
ThinVNC 1.0b1 contains an authentication bypass via /cmd?cmd=connect that allows an unauthenticated user to gain access and potentially execute code on the server. The NUCLEI template confirms the issue as an authentication bypass leading to unauthorized interaction with the backend, and Red Hat/...