Vulnerability details: VCID-14t8-vrru-aaaf
Vulnerability ID VCID-14t8-vrru-aaaf
Aliases CVE-2006-2369
Summary RealVNC 4.1.1, and other products that use RealVNC such as AdderLink IP and Cisco CallManager, allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server, as originally demonstrated using a long password.
Status Published
Exploitability 2.0
Weighted Severity 6.8
Risk 10.0
System Score Found at
epss 0.90206 https://api.first.org/data/v1/epss?cve=CVE-2006-2369
epss 0.92699 https://api.first.org/data/v1/epss?cve=CVE-2006-2369
epss 0.92854 https://api.first.org/data/v1/epss?cve=CVE-2006-2369
epss 0.92985 https://api.first.org/data/v1/epss?cve=CVE-2006-2369
epss 0.93085 https://api.first.org/data/v1/epss?cve=CVE-2006-2369
epss 0.96724 https://api.first.org/data/v1/epss?cve=CVE-2006-2369
epss 0.97143 https://api.first.org/data/v1/epss?cve=CVE-2006-2369
cvssv2 7.5 https://nvd.nist.gov/vuln/detail/CVE-2006-2369
Reference id Reference type URL
http://marc.info/?l=full-disclosure&m=114768344111131&w=2
http://marc.info/?l=vnc-list&m=114755444130188&w=2
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2369.json
https://api.first.org/data/v1/epss?cve=CVE-2006-2369
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2369
http://seclists.org/fulldisclosure/2022/May/29
http://secunia.com/advisories/20107
http://secunia.com/advisories/20109
http://secunia.com/advisories/20789
http://securityreason.com/securityalert/8355
http://securitytracker.com/id?1016083
https://exchange.xforce.ibmcloud.com/vulnerabilities/26445
http://www.cisco.com/warp/public/707/cisco-sr-20060622-cmm.shtml
http://www.intelliadmin.com/blog/2006/05/security-flaw-in-realvnc-411.html
http://www.intelliadmin.com/blog/2006/05/vnc-flaw-proof-of-concept.html
http://www.kb.cert.org/vuls/id/117929
http://www.openwall.com/lists/oss-security/2024/08/02/8
http://www.osvdb.org/25479
http://www.realvnc.com/products/free/4.1/release-notes.html
http://www.securityfocus.com/archive/1/433994/100/0/threaded
http://www.securityfocus.com/archive/1/434015/100/0/threaded
http://www.securityfocus.com/archive/1/434117/100/0/threaded
http://www.securityfocus.com/archive/1/434518/100/0/threaded
http://www.securityfocus.com/archive/1/434560/100/0/threaded
http://www.securityfocus.com/archive/1/438175/100/0/threaded
http://www.securityfocus.com/archive/1/438368/100/0/threaded
http://www.securityfocus.com/bid/17978
http://www.vupen.com/english/advisories/2006/1790
http://www.vupen.com/english/advisories/2006/1821
http://www.vupen.com/english/advisories/2006/2492
cpe:2.3:a:vnc:realvnc:4.1.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vnc:realvnc:4.1.1:*:*:*:*:*:*:*
CVE-2006-2369 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/1794.pm
CVE-2006-2369 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/36932.py
CVE-2006-2369 https://nvd.nist.gov/vuln/detail/CVE-2006-2369
CVE-2006-2369;OSVDB-25479 Exploit http://secunia.com/advisories/20107/
CVE-2006-2369;OSVDB-25479 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/17719.rb
OSVDB-25479;CVE-2006-2369 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/1791.patch
Data source Exploit-DB
Date added May 13, 2012
Description RealVNC 4.1.0/4.1.1 - Authentication Bypass
Ransomware campaign use Known
Source publication date May 13, 2012
Exploit type remote
Platform windows
Source update date May 7, 2015
Data source Metasploit
Description Detect VNC servers that support the "None" authentication method.
Ransomware campaign use Unknown
Source URL https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/scanner/vnc/vnc_none_auth.rb
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2006-2369
CVSS v2 metrics and their possible values:
Exploitability (E): high, functional, unproven, proof_of_concept, not_defined
Access Vector (AV): local, adjacent_network, network
Access Complexity (AC): high, medium, low
Authentication (Au): multiple, single, none
Confidentiality Impact (C): none, partial, complete
Integrity Impact (I): none, partial, complete
Availability Impact (A): none, partial, complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.99557
EPSS Score 0.90206
Published At May 15, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.