AK-Systems Windows Terminals远程未授权管理访问漏洞

基于WinCE的Windows Terminals thin客户端由AK-Systems公司制作的包含VNC服务来远程管理和设置的应用程序。 新固件版本的应用程序其VNC访问没有通过密码保护，因此任何有VNC客户端的用户可以连接终端并查看RDP/Citrix会话或进行中间人攻击。 AK-Systems Windows Terminal 1.2.5 ExVLP http://www.ak-systems.ru/products/models/...

unauthorized VNC access in AK-Systems Windows Terminals

WinCE-based Windows Terminals thin clients manufactured by AK-Systems http://www.ak-systems.ru/ with firmware version 1.2.5 ExVLP feature a VNC server for remote administration and setup. The VNC access is not protected by password, so anyone with a VNC client can connect to the terminal and watc...