CVE-2025-5922
- EPSS 0.01%
- Veröffentlicht 29.07.2025 16:54:43
- Zuletzt bearbeitet 31.07.2025 18:42:56
Access to TSplus Remote Access Admin Tool is restricted to administrators (unless "Disable UAC" option is enabled) and requires a PIN code. In versions below v18.40.6.17 the PIN's hash is stored in a system registry accessible to regular users, makin...
CVE-2025-26318
- EPSS 1.11%
- Veröffentlicht 04.03.2025 21:15:13
- Zuletzt bearbeitet 26.08.2025 20:15:38
hb.exe in TSplus Remote Access before 17.30 2024-10-30 allows remote attackers to retrieve a list of all domain accounts currently connected to the application.
CVE-2023-31067
- EPSS 1.88%
- Veröffentlicht 11.09.2023 19:15:41
- Zuletzt bearbeitet 21.11.2024 08:01:21
An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control permissions for Everyone on some directories under %PROGRAMFILES(X86)%\TSplus\Clients\www.
CVE-2023-31068
- EPSS 1.5%
- Veröffentlicht 11.09.2023 19:15:41
- Zuletzt bearbeitet 21.11.2024 08:01:21
An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control permissions for Everyone on some directories under %PROGRAMFILES(X86)%\TSplus\UserDesktop\themes.
CVE-2023-31069
- EPSS 1.14%
- Veröffentlicht 11.09.2023 19:15:41
- Zuletzt bearbeitet 21.11.2024 08:01:21
An issue was discovered in TSplus Remote Access through 16.0.2.14. Credentials are stored as cleartext within the HTML source code of the login page.