Remote Access Admin Tool
by TSplus
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-26318 | Med | 0.38 | 5.8 | 0.01 | Mar 4, 2025 | hb.exe in TSplus Remote Access before 17.30 2024-10-30 allows remote attackers to retrieve a list of all domain accounts currently connected to the application. | ||
| CVE-2025-5922 | Med | 0.31 | — | 0.00 | Jul 29, 2025 | Access to TSplus Remote Access Admin Tool is restricted to administrators (unless "Disable UAC" option is enabled) and requires a PIN code. In versions below v18.40.6.17 the PIN's hash is stored in a system registry accessible to regular users, making it possible to perform… | ||
| CVE-2023-31068 | 0.03 | — | 0.03 | Sep 11, 2023 | An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control permissions for Everyone on some directories under %PROGRAMFILES(X86)%\TSplus\UserDesktop\themes. | |||
| CVE-2023-31069 | 0.03 | — | 0.02 | Sep 11, 2023 | An issue was discovered in TSplus Remote Access through 16.0.2.14. Credentials are stored as cleartext within the HTML source code of the login page. | |||
| CVE-2023-31067 | 0.03 | — | 0.03 | Sep 11, 2023 | An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control permissions for Everyone on some directories under %PROGRAMFILES(X86)%\TSplus\Clients\www. |
- risk 0.38cvss 5.8epss 0.01
hb.exe in TSplus Remote Access before 17.30 2024-10-30 allows remote attackers to retrieve a list of all domain accounts currently connected to the application.
- risk 0.31cvss —epss 0.00
Access to TSplus Remote Access Admin Tool is restricted to administrators (unless "Disable UAC" option is enabled) and requires a PIN code. In versions below v18.40.6.17 the PIN's hash is stored in a system registry accessible to regular users, making it possible to perform…
- CVE-2023-31068Sep 11, 2023risk 0.03cvss —epss 0.03
An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control permissions for Everyone on some directories under %PROGRAMFILES(X86)%\TSplus\UserDesktop\themes.
- CVE-2023-31069Sep 11, 2023risk 0.03cvss —epss 0.02
An issue was discovered in TSplus Remote Access through 16.0.2.14. Credentials are stored as cleartext within the HTML source code of the login page.
- CVE-2023-31067Sep 11, 2023risk 0.03cvss —epss 0.03
An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control permissions for Everyone on some directories under %PROGRAMFILES(X86)%\TSplus\Clients\www.