Teamspeak : Security Vulnerabilities
The TeamSpeak client before 3.3.2 allows remote servers to trigger a crash via the 0xe2 0x81 0xa8 0xe2 0x81 0xa7 byte sequence, aka Unicode characters U+2068 (FIRST STRONG ISOLATE) and U+2067 (RIGHT-TO-LEFT ISOLATE).
| Max Base Score | 7.5 |
| Published | 2019-08-29 |
| Updated | 2020-08-24 |
| EPSS | 0.25% |
TeamSpeak 3 Client before 3.2.5 allows remote code execution in the Qt framework.
| Max Base Score | 9.3 |
| Published | 2019-04-19 |
| Updated | 2020-08-24 |
| EPSS | 1.86% |
TeamSpeak Client 3.0.19 allows remote attackers to cause a denial of service (application crash) via the ᗪ Unicode character followed by the ༿ Unicode character.
| Max Base Score | 7.5 |
| Published | 2017-06-27 |
| Updated | 2017-07-03 |
| EPSS | 0.45% |
A potential Buffer Overflow Vulnerability (from a BB Code handling issue) has been identified in TeamSpeak Server version 3.0.13.6 (08/11/2016 09:48:33), it enables the users to Crash any WINDOWS Client that clicked into a Vulnerable Channel of a TeamSpeak Server.
| Max Base Score | 7.5 |
| Published | 2017-07-06 |
| Updated | 2017-07-12 |
| EPSS | 0.24% |
Buffer overflow in TeamSpeak Client 3.0.14 and earlier allows remote authenticated users to cause a denial of service (application crash) by connecting to a channel with a different client instance, and placing crafted data in the Chat/Server tab with two \\ (backslash) characters, a digit, a \ (backslash) character, and "z" in a series of nested img BBCODE tags.
| Max Base Score | 6.5 |
| Published | 2018-01-08 |
| Updated | 2018-01-30 |
| EPSS | 0.39% |
TeamSpeak Client 3.0.14 and earlier allows remote authenticated users to cause a denial of service (buffer overflow and application crash) by connecting to a channel with a different client instance, and placing crafted data in the Chat/Server tab containing [img]//http:// substrings.
| Max Base Score | 6.5 |
| Published | 2018-01-08 |
| Updated | 2018-01-30 |
| EPSS | 0.65% |
The (1) teamspeak and (2) teamspeak-server scripts in TeamSpeak 2.0.32 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
| Max Base Score | 6.9 |
| Published | 2010-10-20 |
| Updated | 2010-10-21 |
| EPSS | 0.04% |
Multiple cross-site scripting (XSS) vulnerabilities in TeamSpeak Server 2.0.20.1 allow remote attackers to inject arbitrary web script or HTML via (1) the error_text parameter to error_box.html or (2) the ok_title parameter to ok_box.html.
| Max Base Score | 4.3 |
| Published | 2007-08-25 |
| Updated | 2018-10-15 |
| EPSS | 0.30% |
The WebAdmin interface in TeamSpeak Server 2.0.20.1 allows remote authenticated users with the ServerAdmin flag to assign Registered users certain privileges, resulting in a privilege set that extends beyond that ServerAdmin's own servers, as demonstrated by the (1) AdminAddServer, (2) AdminDeleteServer, (3) AdminStartServer, and (4) AdminStopServer privileges; and administration of arbitrary virtual servers via a request to a .tscmd URI with a modified serverid parameter, as demonstrated by (a) add_server.tscmd, (b) ask_delete_server.tscmd, (c) start_server.tscmd, and (d) stop_server.tscmd.
| Max Base Score | 8.5 |
| Published | 2007-08-25 |
| Updated | 2018-10-15 |
| EPSS | 0.52% |
TeamSpeak WebServer 2.0 for Windows does not validate parameter value lengths and does not expire TCP sessions, which allows remote attackers to cause a denial of service (CPU and memory consumption) via long username and password parameters in a request to login.tscmd on TCP port 14534.
| Max Base Score | 7.8 |
| Published | 2007-07-24 |
| Updated | 2017-09-29 |
| EPSS | 7.93% |
10 vulnerabilities found