Off-by-One Error in UltraVNC Repeater Authentication Process
CVE-2026-44042
3.7 LOW
What is CVE-2026-44042?
UltraVNC Repeater versions up to 1.8.2.2 contain an off-by-one error in the Base64 decoding function used when handling HTTP Basic authentication. The cause is a strict greater-than comparison in the wi_uudecode() function, which incorrectly assesses the input length against the output buffer. Current implementations limit the risk through defined HTTP request constraints, but the flaw is a latent condition that could be exploited should these constraints change. Under specific conditions, it poses a potential risk of a one-byte write at the edge of a fixed-size stack buffer.
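The boundary condition described above, as an added example that is not UltraVNC source code: a small Base64 decoder whose length check can be switched between a strict greater-than comparison and a corrected one that reserves a byte. The names b64_decode and canary_clobbered, the flawed flag, the 8-byte capacity, the sample credential string, and the assumption that the extra byte is the string terminator are all hypothetical.

```c
#include <stdio.h>
#include <string.h>
/* Map one Base64 character to its 6-bit value, or -1 if outside the alphabet. */
static int b64_val(char c) {
    if (c >= 'A' && c <= 'Z') return c - 'A';
    if (c >= 'a' && c <= 'z') return c - 'a' + 26;
    if (c >= '0' && c <= '9') return c - '0' + 52;
    return c == '+' ? 62 : c == '/' ? 63 : -1;
}

/* Decode `in` into out[0..cap-1] and NUL-terminate; returns length or -1.
 * flawed != 0: strict '>' check (assumed bug shape); 0: corrected '>=' check. */
long b64_decode(const char *in, unsigned char *out, size_t cap, int flawed) {
    size_t n = strlen(in), pad = 0, need, o = 0, i;
    unsigned acc = 0;
    int bits = 0;
    if (n == 0 || n % 4 != 0) return -1;
    while (pad < 2 && in[n - 1 - pad] == '=') pad++;
    need = n / 4 * 3 - pad;                       /* decoded byte count */
    if (flawed ? need > cap : need >= cap) return -1;
    for (i = 0; i < n - pad; i++) {
        int v = b64_val(in[i]);
        if (v < 0) return -1;
        acc = (acc << 6) | (unsigned)v;
        bits += 6;
        if (bits >= 8) {
            bits -= 8;
            out[o++] = (unsigned char)(acc >> bits);
            acc &= (1u << bits) - 1;
        }
    }
    out[o] = '\0';              /* index cap when need == cap: one byte past */
    return (long)o;
}

/* Decode into an 8-byte region backed by a 9th canary byte, so the extra
 * write stays inside `frame`. Returns 1 if the canary was overwritten. */
int canary_clobbered(const char *in, int flawed) {
    unsigned char frame[9];
    memset(frame, 0xAA, sizeof frame);
    b64_decode(in, frame, 8, flawed);
    return frame[8] != 0xAA;
}

int main(void) {
    const char *eight = "dXNlcjpwd2Q=";   /* constructed: "user:pwd", 8 bytes */
    printf("flawed: %d, corrected: %d\n", canary_clobbered(eight, 1), canary_clobbered(eight, 0));
    return 0;
}
```

Only input that decodes to exactly the buffer capacity reaches the extra byte; shorter input behaves identically under both checks, which is why such a flaw can stay latent behind upstream length limits.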
Affected Version(s)
UltraVNC: from 0, up to and including 1.8.2.2 (<= 1.8.2.2)
