PSA: TCAdmin is vulnerable.

tagKnife

Contributing Member
#1
Sup everyone, This is PSA for anyone who may use TCAdmin. I recently discovered a vulnerability which allows any user to read/write any files on the servers file system. This affects both Windows and Linux versions of TCAdmin and allows a remote attacker to gain root privileges on the system.

I will not disclose any information about the exploit here since TCAdmin has me on a 90-day non-discloser agreement.
The only fix is the disable all file transfer capabilities on TCAdmin, or don't use it.
 

Top Bottom