Critical severity10.0NVD Advisory· Published Apr 18, 2022· Updated Jun 17, 2026
CVE-2022-25226
CVE-2022-25226
Description
ThinVNC version 1.0b1 allows an unauthenticated user to bypass the authentication process via 'http://thin-vnc:8080/cmd?cmd=connect' by obtaining a valid SID without any kind of authentication. It is possible to achieve code execution on the server by sending keyboard or mouse events to the server.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- ThinVNC/ThinVNCdescription
Patches
Vulnerability mechanics
References
1- fluidattacks.com/advisories/sinatra/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.