Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbShinnaiEDB-ID:51680
HistoryAug 21, 2023 - 12:00 a.m.

TSplus 16.0.0.0 - Remote Work Insecure Files and Folders

2023-08-2100:00:00
shinnai
www.exploit-db.com
111
tsplus 16.0.0.0
remote work
insecure files
folders
permissions
cve-2023-31068
windows
deloitte risk advisory italia

9.7 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.5%

JSON
# Exploit Title: TSplus 16.0.0.0 - Remote Work Insecure Files and Folders Permissions
# Date: 2023-08-09
# Exploit Author: Carlo Di Dato for Deloitte Risk Advisory Italia
# Vendor Homepage: https://tsplus.net/
# Version: Up to 16.0.0.0
# Tested on: Windows
# CVE : CVE-2023-31068

With TSPlus Remote Work (v. 16.0.0.0) you can create a secure single 
sign-on web portal and remote desktop gateway that enables users to 
remotely access the console session of their office PC.
The solution comes with an embedded web server to allow remote users to 
easely connect remotely.
However, insecure file and folder permissions are set, and this could 
allow a malicious user to manipulate file content (e.g.: changing the 
code of html pages or js scripts) or change legitimate files (e.g. 
Setup-RemoteWork-Client.exe) in order to compromise a system or to gain 
elevated privileges.

This is the list of insecure files and folders with their respective 
permissions:

Permission: Everyone:(OI)(CI)(F)

C:\Program Files (x86)\TSplus-RemoteWork\Clients\www
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\cgi-bin
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\download
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\downloads
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\prints
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\software
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\var
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\cgi-bin\remoteapp
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\downloads\shared
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\software\html5
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\software\java
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\software\js
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\software\html5\imgs
C:\Program Files 
(x86)\TSplus-RemoteWork\Clients\www\software\html5\jwres
C:\Program Files 
(x86)\TSplus-RemoteWork\Clients\www\software\html5\locales
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\software\html5\own
C:\Program Files 
(x86)\TSplus-RemoteWork\Clients\www\software\html5\imgs\des
C:\Program Files 
(x86)\TSplus-RemoteWork\Clients\www\software\html5\imgs\key
C:\Program Files 
(x86)\TSplus-RemoteWork\Clients\www\software\html5\imgs\topmenu
C:\Program Files 
(x86)\TSplus-RemoteWork\Clients\www\software\html5\imgs\key\parts
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\software\java\img
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\software\java\third
C:\Program Files 
(x86)\TSplus-RemoteWork\Clients\www\software\java\img\cp
C:\Program Files 
(x86)\TSplus-RemoteWork\Clients\www\software\java\img\srv
C:\Program Files 
(x86)\TSplus-RemoteWork\Clients\www\software\java\third\images
C:\Program Files 
(x86)\TSplus-RemoteWork\Clients\www\software\java\third\js
C:\Program Files 
(x86)\TSplus-RemoteWork\Clients\www\software\java\third\images\bramus
C:\Program Files 
(x86)\TSplus-RemoteWork\Clients\www\software\java\third\js\prototype
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\var\log

-------------------------------------------------------------------------------------------

Permission: Everyone:(F)

C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\robots.txt
C:\Program Files 
(x86)\TSplus-RemoteWork\Clients\www\cgi-bin\hb.exe.config
C:\Program Files 
(x86)\TSplus-RemoteWork\Clients\www\cgi-bin\SessionPrelaunch.Common.dll.config
C:\Program Files 
(x86)\TSplus-RemoteWork\Clients\www\cgi-bin\remoteapp\index.html
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\download\common.js
C:\Program Files (x86)\TSplus-RemoteWork\Clients\www\download\lang.js
C:\Program Files 
(x86)\TSplus-RemoteWork\Clients\www\download\Setup-RemoteWork-Client.exe
C:\Program Files 
(x86)\TSplus-RemoteWork\Clients\www\software\html5\jwres\jwwebsockify.jar
C:\Program Files 
(x86)\TSplus-RemoteWork\Clients\www\software\html5\jwres\web.jar
C:\Program Files 
(x86)\TSplus-RemoteWork\Clients\www\software\html5\own\exitlist.html
C:\Program Files 
(x86)\TSplus-RemoteWork\Clients\www\software\html5\own\exitupload.html
C:\Program Files 
(x86)\TSplus-RemoteWork\Clients\www\software\java\index.html
C:\Program Files 
(x86)\TSplus-RemoteWork\Clients\www\software\java\img\index.html
C:\Program Files 
(x86)\TSplus-RemoteWork\Clients\www\software\java\img\port.bin
C:\Program Files 
(x86)\TSplus-RemoteWork\Clients\www\software\java\third\jws.js
C:\Program Files 
(x86)\TSplus-RemoteWork\Clients\www\software\java\third\sha256.js
C:\Program Files 
(x86)\TSplus-RemoteWork\Clients\www\software\java\third\js\prototype\prototype.js
C:\Program Files 
(x86)\TSplus-RemoteWork\Clients\www\software\js\jquery.min.js

Related

prion 2
zdt 1
cvelist 2
cve 2
packetstorm 1
prion
prion
Design/Logic Flaw
2023-09-11 19:15:00
Privilege escalation
2023-10-17 16:15:00
zdt
zdt
TSplus 16.0.0.0 - Remote Work Insecure Files and Folders Vulnerability
2023-08-21 00:00:00
cvelist
cvelist
CVE-2023-31068
2023-09-11 00:00:00
CVE-2023-27133
2023-10-17 00:00:00
cve
cve
CVE-2023-31068
2023-09-11 19:15:41
CVE-2023-27133
2023-10-17 16:15:10
packetstorm
packetstorm
TSPlus 16.0.0.0 Insecure Permissions
2023-08-22 00:00:00

9.7 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.5%

JSON
Related for EDB-ID:51680
prion2zdt1cvelist2cve2packetstorm1