Improper Input Validation in Teltonika Firmware Vulnerability
CVE-2020-5771

7.5HIGH

Key Information:

Vendor: Teltonika-networks
Status: Teltonika Gateway Trb245
Vendor: CVE Published:; 3 August 2020

🔔 Create Teltonika-networks Vulnerability Alert

What is CVE-2020-5771?

The vulnerability in Teltonika's TRB2 firmware stems from improper input validation that permits a remote, authenticated attacker to exploit the system. By uploading a specially crafted backup archive, the attacker can elevate their privileges to root level, potentially compromising the device’s security and integrity. This presents a significant risk to the operational environment of the affected systems.

Affected Version(s)

Teltonika Gateway TRB245 TRB2_R_00.02.04.01 firmware

References

https://www.tenable.com/security/research/tra-2020-48

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 3, 2020
Vulnerability Reserved
Jan 6, 2020