Unrestricted Destination IP Address and TCP Port Vulnerability in UltraVNC Repeater

Unrestricted Destination IP Address and TCP Port Vulnerability in UltraVNC Repeater

CVE-2016-5673 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

UltraVNC Repeater before 1300 does not restrict destination IP addresses or TCP ports, which allows remote attackers to obtain open-proxy functionality by using a :: substring in between the IP address and port number.

Learn more about our Web Application Penetration Testing UK.