CVE-2006-4309 : VNC server on the AK-Systems Windows Terminal 1.2.5 ExVLP is not password protec

VNC server on the AK-Systems Windows Terminal 1.2.5 ExVLP is not password protected, which allows remote attackers to login and view RDP or Citrix sessions.

Published 2006-08-23 19:04:00

Updated 2025-04-03 01:03:51

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2006-4309

Ak-systems » Windows Terminal » Version: 1.2.5 Exvlp
cpe:2.3:a:ak-systems:windows_terminal:1.2.5_exvlp:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2006-4309

EPSS FAQ

0.92%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 74 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2006-4309

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2006-4309

http://www.securityfocus.com/bid/19659
http://securityreason.com/securityalert/1438
https://exchange.xforce.ibmcloud.com/vulnerabilities/28532
http://www.securityfocus.com/archive/1/444060/100/0/threaded

Jump to

Vulnerability Details : CVE-2006-4309

Products affected by CVE-2006-4309

Exploit prediction scoring system (EPSS) score for CVE-2006-4309

CVSS scores for CVE-2006-4309

References for CVE-2006-4309