radmin in eSeSIX Thintune thin clients running firmware 2.4.38 and earlier starts a process port 25072 that can be accessed with a default "jstwo" password, which allows remote attackers to gain access.
Max CVSS
10.0
EPSS Score
1.88%
Published
2004-12-31
Updated
2017-07-11
eSeSIX Thintune thin clients running firmware 2.4.38 and earlier store sensitive usernames and passwords in cleartext in configuration files for the keeper library, which allows attackers to gain access.
Max CVSS
4.6
EPSS Score
0.07%
Published
2004-12-31
Updated
2017-07-11
eSeSIX Thintune thin clients running firmware 2.4.38 and earlier allow local users to gain privileges by pressing CTRL-SHIFT-ALT-DEL and entering the "maertsJ" password, which is hard-coded into lshell.
Max CVSS
4.6
EPSS Score
0.06%
Published
2004-12-31
Updated
2017-07-11
The Phoenix browser in eSeSIX Thintune thin clients running firmware 2.4.38 and earlier allows local users to read arbitrary files via a file:/// URL.
Max CVSS
5.0
EPSS Score
0.28%
Published
2004-07-24
Updated
2017-07-11
eSeSIX Thintune thin clients running firmware 2.4.38 and earlier accept any password that begins with the actual password, which makes it easier for users to conduct brute force password guessing.
Max CVSS
7.5
EPSS Score
0.26%
Published
2004-12-31
Updated
2016-10-18
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!