Vulnerability Description
The WebAdmin interface in TeamSpeak Server 2.0.20.1 allows remote authenticated users with the ServerAdmin flag to assign Registered users certain privileges, resulting in a privilege set that extends beyond that ServerAdmin's own servers, as demonstrated by the (1) AdminAddServer, (2) AdminDeleteServer, (3) AdminStartServer, and (4) AdminStopServer privileges; and administration of arbitrary virtual servers via a request to a .tscmd URI with a modified serverid parameter, as demonstrated by (a) add_server.tscmd, (b) ask_delete_server.tscmd, (c) start_server.tscmd, and (d) stop_server.tscmd.
CVSS Score
8.5 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Teamspeak | Web Server | 2.0.20.1 |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2007-05/0165.html
- http://osvdb.org/36047
- http://secunia.com/advisories/25242
- http://securityvulns.com/Rdocument6.html (Exploit)
- http://www.securityfocus.com/archive/1/477424/100/0/threaded
- http://www.securityfocus.com/bid/23935
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34254
FAQ
What is CVE-2007-4529?
CVE-2007-4529 is a vulnerability with a CVSS score of 8.5 (HIGH). The WebAdmin interface in TeamSpeak Server 2.0.20.1 allows remote authenticated users with the ServerAdmin flag to assign Registered users certain privileges, resulting in a privilege set that extends...
How severe is CVE-2007-4529?
CVE-2007-4529 has been rated HIGH with a CVSS base score of 8.5/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2007-4529?
Check the references section above for vendor advisories and patch information. Affected products include: Teamspeak Web Server.