CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

In Teltonika Networks Remote Management System RMS, it is possible to perform account pre-hijacking by misusing the invite functionality. If a victim has a pending invite and registers to the platform directly, they are added to the attackers company without their knowledge. The victims account a...

7.2CVSS0.00236EPSS

Exploits0References1

Cvelist•added 2025/05/29 8:59 a.m.•15 views

CVE-2025-4687 Account pre-hijacking through invite misuse

7.2CVSS0.00236EPSS

Exploits0References1

Vulnrichment•added 2025/05/29 8:59 a.m.•9 views

CVE-2025-4687 Account pre-hijacking through invite misuse

7.2CVSS7.2AI score0.00236EPSS

Exploits0References1

CVE•added 2025/05/29 8:59 a.m.•61 views

CVE-2025-4687

CVE-2025-4687 affects Teltonika Networks Remote Management System (RMS) prior to 5.7. The issue allows account pre-hijacking via misuse of the invite feature: if a user has a pending invite and registers directly, they are added to the attacker’s company, enabling the attacker to manage the victi...

7.2CVSS7AI score0.00236EPSS

Exploits0References1

Positive Technologies•added 2025/05/29 12:0 a.m.•3 views

PT-2025-23147 · Teltonika Networks · Teltonika Networks Rms

Name of the Vulnerable Software and Affected Versions: Teltonika Networks Remote Management System RMS versions prior to 5.7 Description: The issue allows for account pre-hijacking by misusing the invite functionality. If a victim has a pending invite and registers to the platform directly, they...

7.2CVSS6.5AI score0.00236EPSS

Exploits0References9

NVD•added 2023/05/22 4:15 p.m.•12 views

CVE-2023-32348

Teltonika’s Remote Management System versions prior to 4.10.0 contain a virtual private network VPN hub feature for cross-device communication that uses OpenVPN. It connects new devices in a manner that allows the new device to communicate with all Teltonika devices connected to the VPN. The...

5.8CVSS6.2AI score0.0019EPSS

Exploits0References1

OSV•added 2023/05/22 4:15 p.m.•2 views

CVE-2023-32348

5.8CVSS6.5AI score

Exploits0References1

NVD•added 2023/05/22 4:15 p.m.•8 views

CVE-2023-2588

Teltonika’s Remote Management System versions prior to 4.10.0 have a feature allowing users to access managed devices’ local secure shell SSH/web management services over the cloud proxy. A user can request a web proxy and obtain a URL in the Remote Management System cloud subdomain. This URL cou...

8.8CVSS9AI score0.00814EPSS

Exploits0References1

NVD•added 2023/05/22 4:15 p.m.•13 views

CVE-2023-2586

Teltonika’s Remote Management System versions 4.14.0 is vulnerable to an unauthorized attacker registering previously unregistered devices through the RMS platform. If the user has not disabled the "RMS management feature" enabled by default, then an attacker could register that device to...

9.8CVSS9.7AI score0.00864EPSS

Exploits0References1

Prion•added 2023/05/22 4:15 p.m.•11 views

Remote code execution

6.8CVSS9.3AI score0.00814EPSS

Exploits0References1Affected Software1

Prion•added 2023/05/22 4:15 p.m.•14 views

Cross site scripting

5CVSS6.7AI score0.0019EPSS

Exploits0References1Affected Software1

Prion•added 2023/05/22 4:15 p.m.•14 views

Cross site scripting

Teltonika’s Remote Management System versions prior to 4.10.0 contain a cross-site scripting XSS vulnerability in the main page of the web interface. An attacker with the MAC address and serial number of a connected device could send a maliciously crafted JSON file with an HTML object to trigger...

5.1CVSS8.3AI score0.00483EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by