Dear Cybele Software,
My name is Daniel Morales, from the IT Security Team of ARHS Spikeseed.
I recently found a functionality in Thinfinity VirtualUI that could allow a malicious actor to perform social engineering attacks such as phishing via the directory /lab.html, reachable by default.
How it works
By accessing the following payload (URL), an attacker could iframe any external website (of course, only external endpoints that allow being iframed). The impact is a good phishing attack.
Payload
The vulnerable vector is "https://example.com/lab.html?vpath=//wikipedia.com", where "vpath=//" is the pointer to the external site to be iframed.
Vulnerable versions
It has been tested in VirtualUI versions 2.1.37.2, 2.1.42.2, 2.5.0.0, 2.5.36.1, 2.5.36.2 and 2.5.41.0.