Telesquare: Security Vulnerabilities
Telesquare TLR-2005KSH 1.0.0 is affected by an arbitrary file deletion vulnerability that allows a remote attacker to delete any file, even system internal files, via a DELETE request.
CVSS Score
9.1
EPSS Score
0.915
Published
2022-04-27
An unauthorized file creation vulnerability in Telesquare TLR-2855KS6 via PUT method can allow creation of CGI scripts.
CVSS Score
7.5
EPSS Score
0.631
Published
2022-04-07
An unauthorized file deletion vulnerability in Telesquare TLR-2855KS6 via DELETE method can allow deletion of system files and scripts.
CVSS Score
9.1
EPSS Score
0.883
Published
2022-04-07
TLR-2005KSH is affected by an incorrect access control vulnerability. THe PUT method is enabled so an attacker can upload arbitrary files including HTML and CGI formats.
CVSS Score
9.8
EPSS Score
0.936
Published
2022-01-03
Telesquare SDT-CS3B1 and SDT-CW3B1 devices through 1.2.0 have a default factory account. Remote attackers can obtain access to the device via TELNET using a hardcoded account.
CVSS Score
9.8
EPSS Score
0.015
Published
2018-06-21
Page 3