Default Password Vulnerability in UltraVNC Repeater
CVE-2026-7839
9.1 CRITICAL
What is CVE-2026-7839?
The UltraVNC Repeater before version 1.8.2.2 initializes its HTTP administration server with a hardcoded default password, 'adminadmi2', when the settings file is absent during the first run. The server applies no rate limiting or lockout to authentication attempts, so any remote attacker with access to the repeater's HTTP port can authenticate as an administrator and gain full control over the repeater's configuration settings, including permission rules and session visibility.
Affected Version(s)
UltraVNC 0 <= 1.8.2.2
CVSS V3.1
Score: 9.1
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Arjun Basnet, Securin (arjun.basnet@securin.io)
