Arbitrary System Command Execution Vulnerability Affects Telesquare TLR-2005Ksh
CVE-2024-29269
Key Information:
- Vendor
Telesquare
- Status
- Vendor
- CVE Published:
- 10 April 2024
Badges
What is CVE-2024-29269?
Telesquare TLR-2005Ksh versions 1.0.0 and 1.1.4 have an unauthorized remote command execution vulnerability that allows attackers to run arbitrary system commands via the Cmd parameter. This could potentially lead to a remote unauthenticated attacker fully compromising the server to steal confidential information, install ransomware, or pivot to the internal network. This poses a serious risk and organizations are recommended to upgrade the affected software to the latest version to mitigate this vulnerability. There are no current known exploitations by ransomware groups.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
News Articles
【漏洞复现】Telesquare admin.cgi 远程代码执行漏洞(CVE-2024-29269)-CSDN博客
文章浏览阅读378次。Telesquare TLR-2005Ksh版本1.0.0和1.1.4存在未经授权的远程命令执行漏洞。攻击者可以利用此漏洞在未经cmd参数授权的情况下执行系统命令,并获取服务器权限。_cve-2024-29269
Pentest-Tools.comCVE-2024-29269Telesquare TLR-2005KSH - Remote Command Execution (CVE-2024-29269)
Telesquare Tlr-2005Ksh is a Sk Telecom Lte router from South Korea's Telesquare company.Telesquare TLR-2005Ksh versions 1.0.0 and 1.1.4 have an unauthorized remote command execution vulnerability.
References
EPSS Score
93% chance of being exploited in the next 30 days.
Timeline
- 🟡
Public PoC available
- 👾
Exploit known to exist
Vulnerability published
- 📰
First article discovered by Pentest-Tools.com
Vulnerability Reserved