VYPR

Remote Access Admin Tool

by TSplus

CVEs (5)

  • CVE-2025-26318MedMar 4, 2025
    risk 0.38cvss 5.8epss 0.01

    hb.exe in TSplus Remote Access before 17.30 2024-10-30 allows remote attackers to retrieve a list of all domain accounts currently connected to the application.

  • CVE-2025-5922MedJul 29, 2025
    risk 0.31cvss epss 0.00

    Access to TSplus Remote Access Admin Tool is restricted to administrators (unless "Disable UAC" option is enabled) and requires a PIN code. In versions below v18.40.6.17 the PIN's hash is stored in a system registry accessible to regular users, making it possible to perform…

  • CVE-2023-31068Sep 11, 2023
    risk 0.03cvss epss 0.03

    An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control permissions for Everyone on some directories under %PROGRAMFILES(X86)%\TSplus\UserDesktop\themes.

  • CVE-2023-31069Sep 11, 2023
    risk 0.03cvss epss 0.02

    An issue was discovered in TSplus Remote Access through 16.0.2.14. Credentials are stored as cleartext within the HTML source code of the login page.

  • CVE-2023-31067Sep 11, 2023
    risk 0.03cvss epss 0.03

    An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control permissions for Everyone on some directories under %PROGRAMFILES(X86)%\TSplus\Clients\www.