Security researchers identify two critical flaws with a CVSS score of 10 in the Dell Wyse Thin Client. Dell already issued a solution to correct the problems. The vulnerabilities are only possible because of Dells glaring omission, which allowed users to perform system maintenance through an FTP server that can pull new firmware, packages and configurations. Once exploited, the vulnerabilities allow attackers to, among other things, remotely run malicious code and access arbitrary files on affected devices. The only other solution would be to disable the FTP protocol for obtaining vulnerable files.”]
Numerous Dell Wyse Thin Devices Affected by a Couple of Critical Flaws with a CVSS 10 Score
