CVE-2021-45092 Scanner

Thinfinity VirtualUI is an innovative software solution that enables developers to effortlessly transform their Windows applications into web-based ones. It does this by providing application virtualization, web-enabling and remote desktop services. With Thinfinity VirtualUI, developers can easily create web application interfaces for their legacy Windows applications without having to redesign, re-engineer or rewrite their entire applications.

Recently, a vulnerability was detected in Thinfinity VirtualUI, and it has been given the CVE-2021-45092 code. This vulnerability arises when an attacker is able to inject an IFRAME element via the vpath parameter in the lab.html folder that is reachable by default. As a result, malicious actors can exploit this vulnerability to execute arbitrary script code, steal sensitive data, or even take remote control of a victim's machine.

When this vulnerability is exploited, the consequences can be dire. For businesses, it can lead to a range of problems, such as loss of data, sensitive information leaking out, or business operations being disrupted. End-users can also suffer as their personal information could be stolen or their devices remotely controlled.

It is essential to stay vigilant and up-to-date with the latest digital asset vulnerabilities that could impact your organization or your personal devices. With the pro features of the s4e.io platform, individuals and businesses can easily and quickly learn about the latest threats and vulnerabilities in their digital assets. From vulnerability scanning to threat intelligence, the platform is fully equipped to deliver comprehensive security solutions. Stay safe and secure your digital assets today!

REFERENCES

• https://github.com/cybelesoft/virtualui/issues/2