Vulners
Lucene search
TSplus 16.0.0.0 - Remote Work Insecure Files and Folders
| Reporter | Title | Published | Views | Family All 17 |
|---|---|---|---|---|
 | TSplus 16.0.0.0 - Remote Work Insecure Files and Folders Vulnerability | 21 Aug 202300:00 | – | zdt |
 | CVE-2023-31068 | 11 Sep 202319:15 | – | attackerkb |
| CVE-2023-27133 | 17 Oct 202316:15 | – | attackerkb |
 | CVE-2023-31068 | 11 Sep 202322:27 | – | circl |
 | TSplus 安全漏洞 | 21 Aug 202300:00 | – | cnnvd |
 | CVE-2023-31068 | 11 Sep 202300:00 | – | cve |
 | CVE-2023-31068 | 11 Sep 202300:00 | – | cvelist |
 | EUVD-2023-35397 | 3 Oct 202520:07 | – | euvd |
 | CVE-2023-31068 | 11 Sep 202319:15 | – | nvd |
 | CVE-2023-31068 | 11 Sep 202319:15 | – | osv |
10
# Exploit Title: TSplus 16.0.0.0 - Remote Work Insecure Files and Folders Permissions
# Date: 2023-08-09
# Exploit Author: Carlo Di Dato for Deloitte Risk Advisory Italia
# Vendor Homepage: https://tsplus.net/
# Version: Up to 16.0.0.0
# Tested on: Windows
# CVE : CVE-2023-31068
With TSPlus Remote Work (v. 16.0.0.0) you can create a secure single
sign-on web portal and remote desktop gateway that enables users to
remotely access the console session of their office PC.
The solution comes with an embedded web server to allow remote users to
easely connect remotely.
However, insecure file and folder permissions are set, and this could
allow a malicious user to manipulate file content (e.g.: changing the
code of html pages or js scripts) or change legitimate files (e.g.
Setup-RemoteWork-Client.exe) in order to compromise a system or to gain
elevated privileges.
This is the list of insecure files and folders with their respective
permissions:
Permission: Everyone:(OI)(CI)(F)
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\cgi-bin
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\download
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\downloads
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\prints
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\software
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\var
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\cgi-bin\remoteapp
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\downloads\shared
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\software\html5
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\software\java
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\software\js
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\software\html5\imgs
C:\Program Files
(x86)\TSplus-RemoteWork\Clients\www\software\html5\jwres
C:\Program Files
(x86)\TSplus-RemoteWork\Clients\www\software\html5\locales
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\software\html5\own
C:\Program Files
(x86)\TSplus-RemoteWork\Clients\www\software\html5\imgs\des
C:\Program Files
(x86)\TSplus-RemoteWork\Clients\www\software\html5\imgs\key
C:\Program Files
(x86)\TSplus-RemoteWork\Clients\www\software\html5\imgs\topmenu
C:\Program Files
(x86)\TSplus-RemoteWork\Clients\www\software\html5\imgs\key\parts
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\software\java\img
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\software\java\third
C:\Program Files
(x86)\TSplus-RemoteWork\Clients\www\software\java\img\cp
C:\Program Files
(x86)\TSplus-RemoteWork\Clients\www\software\java\img\srv
C:\Program Files
(x86)\TSplus-RemoteWork\Clients\www\software\java\third\images
C:\Program Files
(x86)\TSplus-RemoteWork\Clients\www\software\java\third\js
C:\Program Files
(x86)\TSplus-RemoteWork\Clients\www\software\java\third\images\bramus
C:\Program Files
(x86)\TSplus-RemoteWork\Clients\www\software\java\third\js\prototype
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\var\log
-------------------------------------------------------------------------------------------
Permission: Everyone:(F)
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\robots.txt
C:\Program Files
(x86)\TSplus-RemoteWork\Clients\www\cgi-bin\hb.exe.config
C:\Program Files
(x86)\TSplus-RemoteWork\Clients\www\cgi-bin\SessionPrelaunch.Common.dll.config
C:\Program Files
(x86)\TSplus-RemoteWork\Clients\www\cgi-bin\remoteapp\index.html
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\download\common.js
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\download\lang.js
C:\Program Files
(x86)\TSplus-RemoteWork\Clients\www\download\Setup-RemoteWork-Client.exe
C:\Program Files
(x86)\TSplus-RemoteWork\Clients\www\software\html5\jwres\jwwebsockify.jar
C:\Program Files
(x86)\TSplus-RemoteWork\Clients\www\software\html5\jwres\web.jar
C:\Program Files
(x86)\TSplus-RemoteWork\Clients\www\software\html5\own\exitlist.html
C:\Program Files
(x86)\TSplus-RemoteWork\Clients\www\software\html5\own\exitupload.html
C:\Program Files
(x86)\TSplus-RemoteWork\Clients\www\software\java\index.html
C:\Program Files
(x86)\TSplus-RemoteWork\Clients\www\software\java\img\index.html
C:\Program Files
(x86)\TSplus-RemoteWork\Clients\www\software\java\img\port.bin
C:\Program Files
(x86)\TSplus-RemoteWork\Clients\www\software\java\third\jws.js
C:\Program Files
(x86)\TSplus-RemoteWork\Clients\www\software\java\third\sha256.js
C:\Program Files
(x86)\TSplus-RemoteWork\Clients\www\software\java\third\js\prototype\prototype.js
C:\Program Files
(x86)\TSplus-RemoteWork\Clients\www\software\js\jquery.min.jsData
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
21 Aug 2023 00:00Current
9.8High risk
Vulners AI Score9.8
CVSS 3.19.8
EPSS0.01501
SSVC