CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2004-2048

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1670%
EPSS Percentile5.61th
Published2004年12月31日
Last Modified2026年4月16日

Vulnerability Description

radmin in eSeSIX Thintune thin clients running firmware 2.4.38 and earlier starts a process port 25072 that can be accessed with a default "jstwo" password, which allows remote attackers to gain access.

Affected Platforms (CPE)

🔌
Esesix

Thintune Extreme

= 2.4.38
🔌
Esesix

Thintune L

= 2.4.38
🔌
Esesix

Thintune M

= 2.4.38
🔌
Esesix

Thintune Mobile

= 2.4.38
🔌
Esesix

Thintune S

= 2.4.38
🔌
Esesix

Thintune Xm

= 2.4.38
🔌
Esesix

Thintune Xs

= 2.4.38

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=109068491801021&w=2
🔗 http://secunia.com/advisories/12154
🔗 http://securitytracker.com/id?1010770
🔗 http://www.osvdb.org/8246
🔗 http://www.securityfocus.com/bid/10794
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/16790
🔗 http://marc.info/?l=bugtraq&m=109068491801021&w=2
🔗 http://secunia.com/advisories/12154

相關漏洞威脅

CVE-2004-090410.0

Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird...

CVE-2004-100610.0

Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via cer...

CVE-2004-041810.0

serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow ...

CVE-2004-129010.0

Buffer overflow in the process_moves function in pgn2web.c for pgn2web 0.3 allows remote attackers to execute arbitrary code via a...