Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2023-2588
HistoryMay 22, 2023 - 4:15 p.m.

Remote code execution

2023-05-2216:15:00
PRIOn knowledge base
www.prio-n.com
4
teltonika
remote management system
version
unauthorized access
secure shell
web management
cloud proxy
vulnerability
malicious webpage
certified domain
remote code execution
nvd

9.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

62.2%

JSON

Teltonika’s Remote Management System versions prior to 4.10.0 have a feature allowing users to access managed devices’ local secure shell (SSH)/web management services over the cloud proxy. A user can request a web proxy and obtain a URL in the Remote Management System cloud subdomain. This URL could be shared with others without Remote Management System authentication . An attacker could exploit this vulnerability to create a malicious webpage that uses a trusted and certified domain. An attacker could initiate a reverse shell when a victim connects to the malicious webpage, achieving remote code execution on the victim device.

CPENameOperatorVersion
remote_management_systemlt4.10.0

Related

nvd 1
cve 1
cvelist 1
ics 1
thn 1
nvd
nvd
CVE-2023-2588
2023-05-22 16:15:09
cve
cve
CVE-2023-2588
2023-05-22 16:15:09
cvelist
cvelist
CVE-2023-2588
2023-05-22 15:09:31
ics
ics
Teltonika Remote Management System and RUT Model Routers
2023-05-11 12:00:00
thn
thn
Industrial Cellular Routers at Risk: 11 New Vulnerabilities Expose OT Networks
2023-05-15 13:24:00

9.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

62.2%

JSON
Related for PRION:CVE-2023-2588
nvd1cve1cvelist1ics1thn1