#利用标题: TSPLUS 16.0.0.0-远程工作不安全文件和文件夹权限
#日期: 2023-08-09
#利用作者: Carlo di Dato for Deloitte风险咨询意大利
#供应商HomePage3360 https://tsplus.net/
#版本:最多16.0.0.0
#在: Windows上测试
#CVE : CVE-2023-31068
使用TSPLUS远程工作(v。16.0.0.0),您可以创建一个安全的单个
登录Web门户和远程桌面网关,使用户能够
远程访问其Office PC的控制台会话。
该解决方案带有嵌入式Web服务器,以允许远程用户
轻松连接远程连接。
但是,设置了不安全的文件和文件夹权限,这可以
允许恶意用户操纵文件内容(例如:
HTML页面或JS脚本的代码)或更改合法文件(例如
为了补偿系统或获取
提高特权。
这是及其各自的不安全文件和文件夹列表
权限:
许可:所有人:(OI)(CI)(f)
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ cgi-bin
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ download
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ downloads
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ prints
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ Software
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ var
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ cgi-bin \ remoteapp
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ downloads \ shared
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ software \ html5
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ Software \ Java
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ software \ js
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ software \ html5 \ imgs
C: \程序文件
(x86)\ tsplus-remotework \ clients \ www \ software \ html5 \ jwres
C: \程序文件
(x86)\ tsplus-remotework \ clients \ www \ software \ html5 \ locales
C: \ Program Files(x86)\ tsplus-remotework \ clients \ www \ software \ html5 \ own
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ html5 \ imgs \ des
C: \程序文件
(x86)\ tsplus-remotework \ clients \ www \ software \ html5 \ imgs \ key
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ html5 \ imgs \ topmenu
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ html5 \ imgs \ key \ parts
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ software \ java \ img
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ software \ java \ thixt
C: \程序文件
(x86)\ tsplus-remotework \ clients \ www \ software \ java \ img \ cp
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ java \ img \ srv
C: \程序文件
(x86)\ tsplus-remotework \ clients \ www \ software \ java \ third \图像
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ java \ third \ js
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ java \ third \ images \ bramus
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ java \ third \ js \ prototype
C: \ Program Files(x86)\ tsplus-remotework \ clients \ www \ var \ log
-------------------------------------------------------------------------------------------------------------------------------------------------------
许可:所有人:(f)
C: \ Program Files(x86)\ tsplus-remotework \ clients \ www \ robots.txt
C: \程序文件
(x86)\ tsplus-remotework \ clients \ www \ cgi-bin \ hb.exe.config
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ cgi-bin \ sessionprelaunch.common.dll.config
C: \程序文件
(x86)\ tsplus-remotework \ clients \ www \ cgi-bin \ remoteapp \ index.html
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ www \ download \ common.js
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ www \ download \ lang.js
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ download \ setup-remotework-client.exe
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ html5 \ jwres \ jwwebsocking.jar
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ html5 \ jwres \ web.jar
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ html5 \ hount \ exitlist.html
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ html5 \ horn \ exitupload.html
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ java \ index.html
C: \程序文件
(x86)\ tsplus-remotework \ clients \ www \ software \ java \ img \ index.html
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ java \ img \ port.bin
C: \程序文件
(x86)\ tsplus-remotework \ clients \ www \ software \ java \ third \ jws.js
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ java \ third \ sha256.js
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ java \ third \ js \ js \ prototype \ prototype.js
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ js \ jquery.min.js
#日期: 2023-08-09
#利用作者: Carlo di Dato for Deloitte风险咨询意大利
#供应商HomePage3360 https://tsplus.net/
#版本:最多16.0.0.0
#在: Windows上测试
#CVE : CVE-2023-31068
使用TSPLUS远程工作(v。16.0.0.0),您可以创建一个安全的单个
登录Web门户和远程桌面网关,使用户能够
远程访问其Office PC的控制台会话。
该解决方案带有嵌入式Web服务器,以允许远程用户
轻松连接远程连接。
但是,设置了不安全的文件和文件夹权限,这可以
允许恶意用户操纵文件内容(例如:
HTML页面或JS脚本的代码)或更改合法文件(例如
为了补偿系统或获取
提高特权。
这是及其各自的不安全文件和文件夹列表
权限:
许可:所有人:(OI)(CI)(f)
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ cgi-bin
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ download
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ downloads
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ prints
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ Software
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ var
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ cgi-bin \ remoteapp
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ downloads \ shared
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ software \ html5
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ Software \ Java
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ software \ js
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ software \ html5 \ imgs
C: \程序文件
(x86)\ tsplus-remotework \ clients \ www \ software \ html5 \ jwres
C: \程序文件
(x86)\ tsplus-remotework \ clients \ www \ software \ html5 \ locales
C: \ Program Files(x86)\ tsplus-remotework \ clients \ www \ software \ html5 \ own
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ html5 \ imgs \ des
C: \程序文件
(x86)\ tsplus-remotework \ clients \ www \ software \ html5 \ imgs \ key
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ html5 \ imgs \ topmenu
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ html5 \ imgs \ key \ parts
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ software \ java \ img
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ software \ java \ thixt
C: \程序文件
(x86)\ tsplus-remotework \ clients \ www \ software \ java \ img \ cp
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ java \ img \ srv
C: \程序文件
(x86)\ tsplus-remotework \ clients \ www \ software \ java \ third \图像
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ java \ third \ js
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ java \ third \ images \ bramus
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ java \ third \ js \ prototype
C: \ Program Files(x86)\ tsplus-remotework \ clients \ www \ var \ log
-------------------------------------------------------------------------------------------------------------------------------------------------------
许可:所有人:(f)
C: \ Program Files(x86)\ tsplus-remotework \ clients \ www \ robots.txt
C: \程序文件
(x86)\ tsplus-remotework \ clients \ www \ cgi-bin \ hb.exe.config
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ cgi-bin \ sessionprelaunch.common.dll.config
C: \程序文件
(x86)\ tsplus-remotework \ clients \ www \ cgi-bin \ remoteapp \ index.html
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ www \ download \ common.js
C: \ Program Files(X86)\ TSPLUS-REMOTEWORK \ clients \ www \ www \ download \ lang.js
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ download \ setup-remotework-client.exe
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ html5 \ jwres \ jwwebsocking.jar
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ html5 \ jwres \ web.jar
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ html5 \ hount \ exitlist.html
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ html5 \ horn \ exitupload.html
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ java \ index.html
C: \程序文件
(x86)\ tsplus-remotework \ clients \ www \ software \ java \ img \ index.html
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ java \ img \ port.bin
C: \程序文件
(x86)\ tsplus-remotework \ clients \ www \ software \ java \ third \ jws.js
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ java \ third \ sha256.js
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ java \ third \ js \ js \ prototype \ prototype.js
C: \程序文件
(x86)\ tsplus-remotework \ client \ www \ software \ js \ jquery.min.js