Cybelesoft - Thinfinity Virtualui CVE

Filtered by vendor Cybelesoft Subscribe

Filtered by product Thinfinity Virtualui

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-46354	1 Cybelesoft	1 Thinfinity Virtualui	2022-02-21	5.0 MEDIUM	7.5 HIGH
Thinfinity VirtualUI 2.1.28.0, 2.1.32.1 and 2.5.26.2, fixed in version 3.0 is affected by an information disclosure vulnerability in the parameter "Addr" in cmd site. The ability to send requests to other systems can allow the vulnerable server to filtrate the real IP of the web server or increase the attack surface.

Vulnerabilities (CVE)