漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Retrievable password hash protecting TSplus admin console
Vulnerability Description
Access to TSplus Remote Access Admin Tool is restricted to administrators (unless "Disable UAC" option is enabled) and requires a PIN code. In versions below v18.40.6.17 the PIN's hash is stored in a system registry accessible to regular users, making it possible to perform a brute-force attack using rainbow tables, since the hash is not salted. LTS (Long-Term Support) versions also received patches in v17.2025.6.27 and v16.2025.6.27 releases.
CVSS Information
N/A
Vulnerability Type
不充分的凭证保护机制
Vulnerability Title
TSplus Remote Access Admin Tool 安全漏洞
Vulnerability Description
TSplus Remote Access Admin Tool是法国TSplus公司的一个用于集中配置和管理TSplus远程访问服务器的工具。 TSplus Remote Access Admin Tool v18.40.6.17之前版本存在安全漏洞,该漏洞源于未加盐的PIN哈希存储在可访问的系统注册表中,可能导致暴力破解攻击。
CVSS Information
N/A
Vulnerability Type
N/A