CVE-2025-26007
- EPSS 0.41%
- Veröffentlicht 26.03.2025 00:00:00
- Zuletzt bearbeitet 01.04.2025 16:34:03
Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability in the login interface when requesting systemtil.cgi.
CVE-2025-26002
- EPSS 0.41%
- Veröffentlicht 26.03.2025 00:00:00
- Zuletzt bearbeitet 01.04.2025 16:35:02
Telesquare TLR-2005KSH 1.1.4 is affected by an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setSyncTimeHost.
CVE-2025-26001
- EPSS 0.31%
- Veröffentlicht 26.03.2025 00:00:00
- Zuletzt bearbeitet 01.04.2025 16:35:09
Telesquare TLR-2005KSH 1.1.4 is vulnerable to Information Disclosure via the parameter getUserNamePassword.
CVE-2024-29269
- EPSS 93.21%
- Veröffentlicht 10.04.2024 20:15:07
- Zuletzt bearbeitet 17.06.2025 17:06:37
An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers to run arbitrary system commands via the Cmd parameter.
CVE-2021-46424
- EPSS 91.47%
- Veröffentlicht 27.04.2022 13:15:09
- Zuletzt bearbeitet 21.11.2024 06:34:03
Telesquare TLR-2005KSH 1.0.0 is affected by an arbitrary file deletion vulnerability that allows a remote attacker to delete any file, even system internal files, via a DELETE request.
CVE-2021-46423
- EPSS 0.27%
- Veröffentlicht 27.04.2022 13:15:09
- Zuletzt bearbeitet 21.11.2024 06:34:03
Telesquare TLR-2005KSH 1.0.0 is affected by an unauthenticated file download vulnerability that allows a remote attacker to download a full configuration file.
CVE-2021-45428
- EPSS 91.55%
- Veröffentlicht 03.01.2022 14:15:07
- Zuletzt bearbeitet 21.11.2024 06:32:12
TLR-2005KSH is affected by an incorrect access control vulnerability. THe PUT method is enabled so an attacker can upload arbitrary files including HTML and CGI formats.