ServerQuery allows unauthorized access - need help fixing this

Hi! Today I suddenly found out that I can run some very sensitive commands without logging in to the serveradmin account, like shutting down the server…

I noticed that this unauthenticated user is assigned to both server groups 1 and 8, but neither of them has any sensitive permissions… I tried to test it by assigning group 8 (Guest) to a normal client account, and it couldn’t do anything. I don’t know why it performs differently on a ServerQuery account.

I want to block this kind of operation now and reserve these for the serveradmin account only. I have no idea what to do now :sweat_smile:.

Below is some reference info.

Server version is 3.13.7 Linux, no license

This is the result of the “clientinfo” command for the unauthenticated user:

cid=25
client_idle_time=40200
client_unique_identifier=ServerQuery
client_nickname=Unknown
client_version=ServerQuery
client_platform=ServerQuery
client_input_muted=0
client_output_muted=0
client_outputonly_muted=0
client_input_hardware=0
client_output_hardware=0
client_default_channel
client_meta_data
client_is_recording=0
client_version_sign
client_security_hash
client_login_name
client_database_id=2
client_channel_group_id=8
client_servergroups=2,8
client_created=1647107084
client_lastconnected=1647107084
client_totalconnections=0
client_away=0
client_away_message
client_type=1
client_flag_avatar
client_talk_power=0
client_talk_request=0
client_talk_request_msg
client_description
client_is_talker=0
client_month_bytes_uploaded=0
client_month_bytes_downloaded=0
client_total_bytes_uploaded=0
client_total_bytes_downloaded=0
client_is_priority_speaker=0
client_unread_messages=0
client_nickname_phonetic
client_needed_serverquery_view_power=100
client_default_token
client_icon_id=0
client_is_channel_commander=0
client_country=FI
client_channel_group_inherited_channel_id=25
client_badges
client_myteamspeak_id
client_integrations
client_myteamspeak_avatar
client_signed_badges
client_base64HashClientUID
connection_filetransfer_bandwidth_sent=0
connection_filetransfer_bandwidth_received=0
connection_packets_sent_total=0
connection_bytes_sent_total=0
connection_packets_received_total=0
connection_bytes_received_total=0
connection_bandwidth_sent_last_second_total=0
connection_bandwidth_sent_last_minute_total=0
connection_bandwidth_received_last_second_total=0
connection_bandwidth_received_last_minute_total=0
connection_connected_time=0
connection_client_ip=

And this is the server group setting:

sgid=1 name=Guest\sServer\sQuery type=2 iconid=0 savedb=0 sortid=0 namemode=0 n_modifyp=100 n_member_addp=0 n_member_removep=0
sgid=2 name=Admin\sServer\sQuery type=2 iconid=500 savedb=1 sortid=0 namemode=0 n_modifyp=100 n_member_addp=100 n_member_removep=100
sgid=3 name=Server\sAdmin type=0 iconid=300 savedb=1 sortid=0 namemode=0 n_modifyp=75 n_member_addp=75 n_member_removep=75
sgid=4 name=Normal type=0 iconid=0 savedb=1 sortid=0 namemode=0 n_modifyp=75 n_member_addp=60 n_member_removep=60
sgid=5 name=Guest type=0 iconid=0 savedb=0 sortid=0 namemode=0 n_modifyp=75 n_member_addp=0 n_member_removep=0
sgid=6 name=Server\sAdmin type=1 iconid=300 savedb=1 sortid=0 namemode=0 n_modifyp=75 n_member_addp=75 n_member_removep=75
sgid=7 name=大哥 type=1 iconid=200 savedb=1 sortid=0 namemode=1 n_modifyp=75 n_member_addp=60 n_member_removep=60
sgid=8 name=Guest type=1 iconid=0 savedb=0 sortid=0 namemode=0 n_modifyp=75 n_member_addp=0 n_member_removep=0
sgid=9 name=恶臭国男 type=1 iconid=-755230364 savedb=1 sortid=0 namemode=1 n_modifyp=75 n_member_addp=60 n_member_removep=60
sgid=10 name=son type=1 iconid=261400265 savedb=1 sortid=0 namemode=1 n_modifyp=75 n_member_addp=60 n_member_removep=60

This is the permission list for server groups 1 and 8:

group 1:

sgid=1 permid=1 permvalue=1 permnegated=0 permskip=0
sgid=1 permid=13 permvalue=1 permnegated=0 permskip=0
sgid=1 permid=24 permvalue=1 permnegated=0 permskip=0
sgid=1 permid=89 permvalue=0 permnegated=1 permskip=1
sgid=1 permid=90 permvalue=0 permnegated=1 permskip=1
sgid=1 permid=91 permvalue=0 permnegated=1 permskip=1
sgid=1 permid=134 permvalue=0 permnegated=1 permskip=1
sgid=1 permid=135 permvalue=0 permnegated=1 permskip=1
sgid=1 permid=136 permvalue=0 permnegated=1 permskip=1
sgid=1 permid=149 permvalue=20 permnegated=0 permskip=0
sgid=1 permid=165 permvalue=100 permnegated=0 permskip=0
sgid=1 permid=175 permvalue=100 permnegated=0 permskip=0
sgid=1 permid=216 permvalue=-1 permnegated=1 permskip=1
sgid=1 permid=218 permvalue=0 permnegated=1 permskip=1
sgid=1 permid=219 permvalue=0 permnegated=1 permskip=1
sgid=1 permid=220 permvalue=0 permnegated=1 permskip=1
sgid=1 permid=223 permvalue=-1 permnegated=1 permskip=1

group 8:

sgid=8 permid=40 permvalue=1 permnegated=0 permskip=1
sgid=8 permid=83 permvalue=0 permnegated=0 permskip=0
sgid=8 permid=91 permvalue=1 permnegated=0 permskip=0
sgid=8 permid=92 permvalue=1 permnegated=0 permskip=0
sgid=8 permid=94 permvalue=1 permnegated=0 permskip=0
sgid=8 permid=96 permvalue=1 permnegated=0 permskip=0
sgid=8 permid=98 permvalue=7 permnegated=0 permskip=0
sgid=8 permid=99 permvalue=1 permnegated=0 permskip=0
sgid=8 permid=100 permvalue=1 permnegated=0 permskip=0
sgid=8 permid=104 permvalue=1 permnegated=0 permskip=0
sgid=8 permid=132 permvalue=60 permnegated=0 permskip=1
sgid=8 permid=134 permvalue=1 permnegated=0 permskip=1
sgid=8 permid=135 permvalue=1 permnegated=0 permskip=1
sgid=8 permid=136 permvalue=1 permnegated=0 permskip=1
sgid=8 permid=149 permvalue=15 permnegated=0 permskip=1
sgid=8 permid=165 permvalue=75 permnegated=0 permskip=1
sgid=8 permid=176 permvalue=0 permnegated=0 permskip=1
sgid=8 permid=178 permvalue=200000 permnegated=0 permskip=1
sgid=8 permid=179 permvalue=-1 permnegated=0 permskip=0
sgid=8 permid=196 permvalue=75 permnegated=0 permskip=1
sgid=8 permid=198 permvalue=0 permnegated=0 permskip=1
sgid=8 permid=199 permvalue=25 permnegated=0 permskip=1
sgid=8 permid=200 permvalue=0 permnegated=0 permskip=1
sgid=8 permid=201 permvalue=25 permnegated=0 permskip=1
sgid=8 permid=202 permvalue=0 permnegated=0 permskip=1
sgid=8 permid=203 permvalue=25 permnegated=0 permskip=1
sgid=8 permid=204 permvalue=0 permnegated=0 permskip=1
sgid=8 permid=205 permvalue=25 permnegated=0 permskip=1
sgid=8 permid=219 permvalue=1 permnegated=0 permskip=0
sgid=8 permid=237 permvalue=25 permnegated=0 permskip=1
sgid=8 permid=243 permvalue=25 permnegated=0 permskip=1
sgid=8 permid=247 permvalue=-1 permnegated=0 permskip=1
sgid=8 permid=248 permvalue=-1 permnegated=0 permskip=0
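
An added example, not part of the original post: a cross-check of the posted clientinfo output against the server group list, resolving which groups the ServerQuery session actually holds and which of those had no permission list reviewed. The function names are illustrative, and the sample input is excerpted from the output above.

```python
import re

# ServerQuery escape sequences and the characters they stand for
_ESCAPES = {"\\\\": "\\", "\\/": "/", "\\s": " ", "\\p": "|",
            "\\n": "\n", "\\r": "\r", "\\t": "\t"}
_ESC_RE = re.compile(r"\\[\\/spnrt]")

def unescape(value):
    return _ESC_RE.sub(lambda m: _ESCAPES[m.group(0)], value)

def parse_records(text):
    """Split ServerQuery output into records ('|' or newline) of key=value fields."""
    records = []
    for chunk in re.split(r"[|\n]", text):
        fields = {}
        for token in chunk.split():
            key, _, value = token.partition("=")
            fields[key] = unescape(value)
        if fields:
            records.append(fields)
    return records

def audit_query_session(clientinfo_text, grouplist_text, reviewed):
    """Report the groups a session holds and which of them were not reviewed."""
    client = {}
    for rec in parse_records(clientinfo_text):  # clientinfo is a single record
        client.update(rec)
    names = {g["sgid"]: g["name"] for g in parse_records(grouplist_text)}
    held = [g for g in client.get("client_servergroups", "").split(",") if g]
    return {
        "logged_in": bool(client.get("client_login_name")),
        "groups": [(g, names.get(g, "<not in list>")) for g in held],
        "unreviewed": [g for g in held if g not in reviewed],
    }

# Excerpts of the output posted above (fields not needed here are left out)
CLIENTINFO = """client_login_name
client_database_id=2
client_servergroups=2,8
client_type=1"""
GROUPLIST = """sgid=1 name=Guest\\sServer\\sQuery type=2
sgid=2 name=Admin\\sServer\\sQuery type=2
sgid=8 name=Guest type=1"""

if __name__ == "__main__":
    # The post lists permissions for groups 1 and 8 only
    report = audit_query_session(CLIENTINFO, GROUPLIST, reviewed={"1", "8"})
    print(report)
```

Running `servergrouppermlist` for each id in `unreviewed` gives the permission set that still needs checking.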