CVE-2025-8769

CVE-2025-8769 affects MegaSys/Megasys’ Telenium Online Web Application. The vulnerability arises from a Perl script used to load the login page with improper input validation, allowing an attacker to inject arbitrary Perl code through a crafted HTTP request and achieve remote code execution on th...

CVE-2025-8769 MegaSys Computer Technologies Telenium Online Web Application Improper Input Validation

Telenium Online Web Application is vulnerable due to a Perl script that is called to load the login page. Due to improper input validation, an attacker can inject arbitrary Perl code through a crafted HTTP request, leading to remote code execution on the server...

CVE-2025-8769 MegaSys Computer Technologies Telenium Online Web Application Improper Input Validation

Telenium Online Web Application is vulnerable due to a Perl script that is called to load the login page. Due to improper input validation, an attacker can inject arbitrary Perl code through a crafted HTTP request, leading to remote code execution on the server...

Megasys Telenium Online Web Application 输入验证错误漏洞

Megasys Telenium Online Web Application is a web page for a network management system from Megasys Canada. An input validation error vulnerability exists in MegaSys Telenium Online Web Application, which stems from improper Perl script input validation and could lead to remote code execution...

CVE-2025-10659 MegaSys Enterprises Telenium Online Web Application OS Command Injection

The Telenium Online Web Application is vulnerable due to a PHP endpoint accessible to unauthenticated network users that improperly handles user-supplied input. This vulnerability occurs due to the insecure termination of a regular expression check within the endpoint. Because the input is not...

CISA Releases Ten Industrial Control Systems Advisories

CISA released ten Industrial Control Systems ICS advisories on September 30, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-273-01 MegaSys Enterprises Telenium Online Web Application ICSA-25-273-02 Festo...

MegaSys Enterprises Telenium Online Web Application

RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to inject arbitrary operating system commands through a crafted HTTP request, leading to remote code execution on the server in the security context of the web application service account. 2...

MegaSys Telenium Online Web Application 操作系统命令注入漏洞

MegaSys Telenium Online Web Application is a web management module from MegaSys, Inc. An operating system command injection vulnerability exists in MegaSys Telenium Online Web Application that originates from a PHP endpoint that does not properly validate or clean up user input, which could lead ...

MegaSys Computer Technologies Telenium Online Web Application (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : MegaSys Computer Technologies Equipment : Telenium Online Web Application Vulnerability : Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could...