XSS Vulnerability in Teltonika Firmware TRB2_R_00.02.02
CVE-2020-5769

5.4MEDIUM

Key Information:

Vendor: Teltonika-networks
Status: Teltonika Gateway Trb245
Vendor: CVE Published:; 17 July 2020

🔔 Create Teltonika-networks Vulnerability Alert

What is CVE-2020-5769?

The vulnerability in Teltonika firmware TRB2_R_00.02.02 arises from insufficient output sanitization, enabling remote authenticated attackers to execute persistent cross-site scripting (XSS) attacks. By injecting malicious client-side code into the 'URL/ Host / Connection' form in the 'DATA TO SERVER' configuration section, attackers can exploit this flaw to manipulate user interactions and potentially compromise user data or session information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Teltonika Gateway TRB245 TRB2_R_00.02.02 firmware

References

https://www.tenable.com/security/research/tra-2020-43-0

x_refsource_CONFIRM

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Jul 17, 2020
Vulnerability Reserved
Jan 6, 2020

JSON

Teltonika-networks