High severity7.5NVD Advisory· Published Feb 9, 2022· Updated Jul 9, 2026
CVE-2021-46354
CVE-2021-46354
Description
Thinfinity VirtualUI 2.1.28.0, 2.1.32.1 and 2.5.26.2, fixed in version 3.0 is affected by an information disclosure vulnerability in the parameter "Addr" in cmd site. The ability to send requests to other systems can allow the vulnerable server to filtrate the real IP of the web server or increase the attack surface.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Thinfinity VirtualUI/Thinfinity VirtualUIdescription
- Range: <3.0
Patches
Vulnerability mechanics
References
2- packetstormsecurity.com/files/166069/Thinfinity-VirtualUI-2.5.26.2-Information-Disclosure.htmlnvdThird Party AdvisoryVDB Entry
- github.com/cybelesoft/virtualui/issues/3nvdThird Party Advisory
News mentions
0No linked articles in our index yet.