Vulnerabilities > CVE-2020-13872 - Improper Restriction of Excessive Authentication Attempts vulnerability in Royalapps Royal TS

047910
CVSS 8.8 - HIGH
Attack vector
ADJACENT_NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
low complexity
royalapps
CWE-307
NVD
Published: 2020-06-09
Updated: 2020-06-12

Summary

Royal TS before 5 has a 0.0.0.0 listener, which makes it easier for attackers to bypass tunnel authentication via a brute-force approach.

Vulnerable Configurations

Part Description Count
Application
Royalapps
1
OS
Microsoft
1

Common Weakness Enumeration (CWE)

References