CVE-2019-17662

EPSS 96.8%

ThinVNC 1.0b1 is vulnerable to arbitrary file read, which leads to a compromise of the VNC server. The vulnerability exists even when authentication is turned on during the deployment of the VNC server. The password for authentication is stored in cleartext in a file that can be read via a ../../ThinVnc.ini directory traversal attack vector.

Affected products

n/a · n/a

public PoCs found — 9

githubgithub.com/MuirlandOracle/CVE-2019-17662★ 19 githubgithub.com/whokilleddb/CVE-2019-17662★ 2 githubgithub.com/bl4ck574r/CVE-2019-17662★ 2 githubgithub.com/thomas-osgood/CVE-2019-17662★ 1 githubgithub.com/kxisxr/Bash-Script-CVE-2019-17662★ 1 githubgithub.com/rajendrakumaryadav/CVE-2019-17662-Exploit★ 1 githubgithub.com/Tamagaft/CVE-2019-17662★ 0 exploitdbwww.exploit-db.com/exploits/47519unverified cve_referencepacketstormsecurity.com/files/154896/ThinVNC-1.0b1-Authentication-Bypass.htmlunverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://packetstormsecurity.com/files/154896/ThinVNC-1.0b1-Authentication-Bypass.html https://github.com/bewest/thinvnc/issues/5 https://github.com/shashankmangal2/Exploits/blob/master/ThinVNC-RemoteAccess/POC.py https://redteamzone.com/ThinVNC/