icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

ThinClientServer < 4.0.2248 Admin Account Creation

High

Synopsis

The remote web server contains a PHP script that allows the creation of additional administrative accounts.

Description

The remote web server contains a PHP script that allows the creation of additional administrative accounts. The remote host is running ThinClientServer, an application to convert existing PCs into thin clients. The version of ThinClientServer installed on the remote host allows an unauthenticated remote attacker to create administrative accounts.

Solution

Upgrade to version 4.0.2248 or higher.