Vulnerability Details CVE-2021-45428
TLR-2005KSH is affected by an incorrect access control vulnerability. THe PUT method is enabled so an attacker can upload arbitrary files including HTML and CGI formats.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.894
EPSS Ranking 99.5%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://packetstormsecurity.com/files/167101/TLR-2005KSH-Arbitrary-File-Upload.html
- https://drive.google.com/file/d/1wM1SPOfB9mH2SES7cAmlysuI9fOpFB3F/view?usp=sharing
- http://packetstormsecurity.com/files/167101/TLR-2005KSH-Arbitrary-File-Upload.html
- https://drive.google.com/file/d/1wM1SPOfB9mH2SES7cAmlysuI9fOpFB3F/view?usp=sharing
Products affected by CVE-2021-45428
-
cpe:2.3:h:telesquare:tlr-2005ksh:-
-
cpe:2.3:o:telesquare:tlr-2005ksh_firmware:-