VYPR
Vendor

TSplus

Products
2
CVEs
7
Across products
7
Status
Private

Products

2

Recent CVEs

7
  • CVE-2025-26318MedMar 4, 2025
    risk 0.38cvss 5.8epss 0.01

    hb.exe in TSplus Remote Access before 17.30 2024-10-30 allows remote attackers to retrieve a list of all domain accounts currently connected to the application.

  • CVE-2025-5922MedJul 29, 2025
    risk 0.31cvss epss 0.00

    Access to TSplus Remote Access Admin Tool is restricted to administrators (unless "Disable UAC" option is enabled) and requires a PIN code. In versions below v18.40.6.17 the PIN's hash is stored in a system registry accessible to regular users, making it possible to perform…

  • CVE-2023-31068Sep 11, 2023
    risk 0.03cvss epss 0.03

    An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control permissions for Everyone on some directories under %PROGRAMFILES(X86)%\TSplus\UserDesktop\themes.

  • CVE-2023-31067Sep 11, 2023
    risk 0.03cvss epss 0.03

    An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control permissions for Everyone on some directories under %PROGRAMFILES(X86)%\TSplus\Clients\www.

  • CVE-2023-31069Sep 11, 2023
    risk 0.03cvss epss 0.02

    An issue was discovered in TSplus Remote Access through 16.0.2.14. Credentials are stored as cleartext within the HTML source code of the login page.

  • CVE-2023-27133Oct 17, 2023
    risk 0.00cvss epss 0.01

    TSplus Remote Work 16.0.0.0 has weak permissions for .exe, .js, and .html files under the %PROGRAMFILES(X86)%\TSplus-RemoteWork\Clients\www folder. This may enable privilege escalation if a different local user modifies a file. NOTE: CVE-2023-31067 and CVE-2023-31068 are only…

  • CVE-2023-27132Oct 17, 2023
    risk 0.00cvss epss 0.01

    TSplus Remote Work 16.0.0.0 places a cleartext password on the "var pass" line of the HTML source code for the secure single sign-on web portal. NOTE: CVE-2023-31069 is only about the TSplus Remote Access product, not the TSplus Remote Work product.