VAR-200412-0964
Vulnerability from variot - Updated: 2025-04-03 22:16radmin in eSeSIX Thintune thin clients running firmware 2.4.38 and earlier starts a process port 25072 that can be accessed with a default "jstwo" password, which allows remote attackers to gain access. Thintune Linux-based devices are reported prone to multiple vulnerabilities. The issues include backdoor accounts that can be accessed over the network and an information disclosure issue that can disclose user accounts and passwords. Thintune devices with firmware version 2.4.38 and prior are affected by these issues. Reportedly, Thintune devices based on Windows CE are not affected. eSeSIX Thintune is a series of thin client applications developed by eSeSIX GmbH. ICA, RDP, X11 and SSH support on custom Linux platforms. The second problem is that there is a password disclosure problem. The Keeper library is used to store all JStream configuration settings. The configuration files are stored in the /root/.keeper/ directory. By browsing the local file system or using the "getreg" command provided in the first question , can remotely read Keeper database information, resulting in access to VNC, control center and screen saver password information. The third problem is that the local ROOT SHELL can be obtained by any user by pressing and then entering the "maertsJ" password to obtain the ROOT SHELL. The fourth problem is that local users can view plaintext passwords. Thintune software supports end users to access through Phoenix Web browsers. By entering "file:///", local file system directories can be obtained, and local users can use browsers to view sensitive information. The fifth problem is that the password check is not correct. If the user sets the password to 'a', then inputting a character string starting with "automobile", "any" or "afternoon" can be successfully verified
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200412-0964",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "thintune xs",
"scope": "eq",
"trust": 1.9,
"vendor": "esesix",
"version": "2.4.38"
},
{
"model": "thintune xm",
"scope": "eq",
"trust": 1.9,
"vendor": "esesix",
"version": "2.4.38"
},
{
"model": "thintune s",
"scope": "eq",
"trust": 1.9,
"vendor": "esesix",
"version": "2.4.38"
},
{
"model": "thintune mobile",
"scope": "eq",
"trust": 1.9,
"vendor": "esesix",
"version": "2.4.38"
},
{
"model": "thintune m",
"scope": "eq",
"trust": 1.9,
"vendor": "esesix",
"version": "2.4.38"
},
{
"model": "thintune l",
"scope": "eq",
"trust": 1.9,
"vendor": "esesix",
"version": "2.4.38"
},
{
"model": "thintune extreme",
"scope": "eq",
"trust": 1.9,
"vendor": "esesix",
"version": "2.4.38"
},
{
"model": "thintune xs",
"scope": "ne",
"trust": 0.3,
"vendor": "esesix",
"version": "2.4.39"
},
{
"model": "thintune xm",
"scope": "ne",
"trust": 0.3,
"vendor": "esesix",
"version": "2.4.39"
},
{
"model": "thintune s",
"scope": "ne",
"trust": 0.3,
"vendor": "esesix",
"version": "2.4.39"
},
{
"model": "thintune mobile",
"scope": "ne",
"trust": 0.3,
"vendor": "esesix",
"version": "2.4.39"
},
{
"model": "thintune m",
"scope": "ne",
"trust": 0.3,
"vendor": "esesix",
"version": "2.4.39"
},
{
"model": "thintune l",
"scope": "ne",
"trust": 0.3,
"vendor": "esesix",
"version": "2.4.39"
},
{
"model": "thintune extreme",
"scope": "ne",
"trust": 0.3,
"vendor": "esesix",
"version": "2.4.39"
}
],
"sources": [
{
"db": "BID",
"id": "10794"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1170"
},
{
"db": "NVD",
"id": "CVE-2004-2048"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Loss, Dirk\u203b Dirk.Loss@it-consult.net",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-1170"
}
],
"trust": 0.6
},
"cve": "CVE-2004-2048",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2004-2048",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-10476",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-2048",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200412-1170",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-10476",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10476"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1170"
},
{
"db": "NVD",
"id": "CVE-2004-2048"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "radmin in eSeSIX Thintune thin clients running firmware 2.4.38 and earlier starts a process port 25072 that can be accessed with a default \"jstwo\" password, which allows remote attackers to gain access. Thintune Linux-based devices are reported prone to multiple vulnerabilities. \nThe issues include backdoor accounts that can be accessed over the network and an information disclosure issue that can disclose user accounts and passwords. \nThintune devices with firmware version 2.4.38 and prior are affected by these issues. Reportedly, Thintune devices based on Windows CE are not affected. eSeSIX Thintune is a series of thin client applications developed by eSeSIX GmbH. ICA, RDP, X11 and SSH support on custom Linux platforms. The second problem is that there is a password disclosure problem. The Keeper library is used to store all JStream configuration settings. The configuration files are stored in the /root/.keeper/ directory. By browsing the local file system or using the \"getreg\" command provided in the first question , can remotely read Keeper database information, resulting in access to VNC, control center and screen saver password information. The third problem is that the local ROOT SHELL can be obtained by any user by pressing \u003cCTRL\u003e\u003cSHIFT\u003e\u003cALT\u003e\u003cDEL\u003e and then entering the \"maertsJ\" password to obtain the ROOT SHELL. The fourth problem is that local users can view plaintext passwords. Thintune software supports end users to access through Phoenix Web browsers. By entering \"file:///\", local file system directories can be obtained, and local users can use browsers to view sensitive information. The fifth problem is that the password check is not correct. If the user sets the password to \u0027a\u0027, then inputting a character string starting with \"automobile\", \"any\" or \"afternoon\" can be successfully verified",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2048"
},
{
"db": "BID",
"id": "10794"
},
{
"db": "VULHUB",
"id": "VHN-10476"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "10794",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2004-2048",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "8246",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1010770",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "12154",
"trust": 1.7
},
{
"db": "NSFOCUS",
"id": "6752",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20040724 ESESIX THINTUNE THIN CLIENT MULTIPLE VULNERABILITIES",
"trust": 0.6
},
{
"db": "XF",
"id": "16790",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1170",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-10476",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10476"
},
{
"db": "BID",
"id": "10794"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1170"
},
{
"db": "NVD",
"id": "CVE-2004-2048"
}
]
},
"id": "VAR-200412-0964",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-10476"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:16:43.903000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2048"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/10794"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/8246"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1010770"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/12154"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16790"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=109068491801021\u0026w=2"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/16790"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=109068491801021\u0026w=2"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/6752"
},
{
"trust": 0.3,
"url": "http://www.thintune.com/en/products/index.htm"
},
{
"trust": 0.3,
"url": "/archive/1/369833"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=109068491801021\u0026amp;w=2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10476"
},
{
"db": "BID",
"id": "10794"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1170"
},
{
"db": "NVD",
"id": "CVE-2004-2048"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-10476"
},
{
"db": "BID",
"id": "10794"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1170"
},
{
"db": "NVD",
"id": "CVE-2004-2048"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-10476"
},
{
"date": "2004-07-24T00:00:00",
"db": "BID",
"id": "10794"
},
{
"date": "2004-07-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-1170"
},
{
"date": "2004-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2004-2048"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-10476"
},
{
"date": "2004-07-24T00:00:00",
"db": "BID",
"id": "10794"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-1170"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2004-2048"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-1170"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "eSeSIX Thintune Thin client device multiple security vulnerabilities",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-1170"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "10794"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1170"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…