Filtered by vendor Telesquare
Subscribe
Total
21 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-9603 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2025-09-11 | 6.5 MEDIUM | 6.3 MEDIUM |
|
A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hostname can lead to command injection. The attack may be performed from a remote location. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2024-29269 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2025-06-17 | N/A | 8.8 HIGH |
|
An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers to run arbitrary system commands via the Cmd parameter.
|
|||||
| CVE-2025-26001 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2025-04-01 | N/A | 7.5 HIGH |
|
Telesquare TLR-2005KSH 1.1.4 is vulnerable to Information Disclosure via the parameter getUserNamePassword.
|
|||||
| CVE-2025-26002 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2025-04-01 | N/A | 9.8 CRITICAL |
|
Telesquare TLR-2005KSH 1.1.4 is affected by an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setSyncTimeHost.
|
|||||
| CVE-2025-26003 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2025-04-01 | N/A | 9.8 CRITICAL |
|
Telesquare TLR-2005KSH 1.1.4 is affected by an unauthorized command execution vulnerability when requesting the admin.cgi parameter with setAutorest.
|
|||||
| CVE-2025-26004 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2025-04-01 | N/A | 9.8 CRITICAL |
|
Telesquare TLR-2005KSH 1.1.4 is vulnerable to unauthorized stack buffer overflow vulnerability when requesting admin.cgi parameter with setDdns.
|
|||||
| CVE-2025-26005 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2025-04-01 | N/A | 9.8 CRITICAL |
|
Telesquare TLR-2005KSH 1.1.4 is vulnerable to unauthorized stack overflow vulnerability when requesting admin.cgi parameter with setNtp.
|
|||||
| CVE-2025-26006 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2025-04-01 | N/A | 9.8 CRITICAL |
|
Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setAutorest.
|
|||||
| CVE-2025-26007 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2025-04-01 | N/A | 9.8 CRITICAL |
|
Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability in the login interface when requesting systemtil.cgi.
|
|||||
| CVE-2025-26008 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2025-04-01 | N/A | 9.8 CRITICAL |
|
In Telesquare TLR-2005KSH 1.1.4, an unauthorized stack overflow vulnerability exists when requesting admin.cgi parameter with setSyncTimeHost.
|
|||||
| CVE-2025-26009 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2025-04-01 | N/A | 7.5 HIGH |
|
Telesquare TLR-2005KSH 1.1.4 has an Information Disclosure vulnerability when requesting systemutilit.cgi.
|
|||||
| CVE-2025-26010 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2025-04-01 | N/A | 9.8 CRITICAL |
|
Telesquare TLR-2005KSH 1.1.4 allows unauthorized password modification when requesting the admin.cgi parameter with setUserNamePassword.
|
|||||
| CVE-2025-28361 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2025-04-01 | N/A | 7.5 HIGH |
|
Unauthorized stack overflow vulnerability in Telesquare TLR-2005KSH v.1.1.4 allows a remote attacker to obtain sensitive information via the systemutil.cgi component.
|
|||||
| CVE-2025-26011 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2025-04-01 | N/A | 9.8 CRITICAL |
|
Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setUsernamePassword.
|
|||||
| CVE-2021-46424 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2024-11-21 | 9.4 HIGH | 9.1 CRITICAL |
|
Telesquare TLR-2005KSH 1.0.0 is affected by an arbitrary file deletion vulnerability that allows a remote attacker to delete any file, even system internal files, via a DELETE request.
|
|||||
| CVE-2021-46423 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
Telesquare TLR-2005KSH 1.0.0 is affected by an unauthenticated file download vulnerability that allows a remote attacker to download a full configuration file.
|
|||||
| CVE-2021-46422 | 1 Telesquare | 2 Sdt-cs3b1, Sdt-cs3b1 Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Telesquare SDT-CW3B1 1.1.0 is affected by an OS command injection vulnerability that allows a remote attacker to execute OS commands without any authentication.
|
|||||
| CVE-2021-46419 | 1 Telesquare | 2 Tlr-2855ks6, Tlr-2855ks6 Firmware | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
An unauthorized file deletion vulnerability in Telesquare TLR-2855KS6 via DELETE method can allow deletion of system files and scripts.
|
|||||
| CVE-2021-46418 | 1 Telesquare | 2 Tlr-2855ks6, Tlr-2855ks6 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An unauthorized file creation vulnerability in Telesquare TLR-2855KS6 via PUT method can allow creation of CGI scripts.
|
|||||
| CVE-2021-45428 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
TLR-2005KSH is affected by an incorrect access control vulnerability. THe PUT method is enabled so an attacker can upload arbitrary files including HTML and CGI formats.
|
|||||
| CVE-2018-12526 | 1 Telesquare | 4 Sdt-cs3b1, Sdt-cs3b1 Firmware, Sdt-cw3b1 and 1 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Telesquare SDT-CS3B1 and SDT-CW3B1 devices through 1.2.0 have a default factory account. Remote attackers can obtain access to the device via TELNET using a hardcoded account.
|
|||||