11 matches found
EUVD-2023-36592
Malicious code in bioql PyPI...
EUVD-2023-34064
Malicious code in bioql PyPI...
Teltonika Remote Management System 安全漏洞
Teltonika Remote Management System is a remote management system used by Teltonika to manage Teltonika products. A security vulnerability exists in Teltonika Remote Management System versions prior to 5.7, which stems from misuse of the invite feature and could lead to account pre-hijacking...
The vulnerability of the Teltonika RMS remote management system lies in the fact that enabling the web function from an unreliable source allows a perpetrator to disclose sensitive information and execute arbitrary codes.
The vulnerability of the Teltonika RMS Remote Management System relates to the activation of the web function from an unreliable source. Exploiting this vulnerability allows a malicious actor to disclose sensitive information and execute arbitrary code using a specially crafted web page...
CVE-2023-2587
Teltonika’s Remote Management System versions prior to 4.10.0 contain a cross-site scripting XSS vulnerability in the main page of the web interface. An attacker with the MAC address and serial number of a connected device could send a maliciously crafted JSON file with an HTML object to trigger...
CVE-2023-2586
Teltonika’s Remote Management System versions 4.14.0 is vulnerable to an unauthorized attacker registering previously unregistered devices through the RMS platform. If the user has not disabled the "RMS management feature" enabled by default, then an attacker could register that device to...
CVE-2023-2588
Teltonika’s Remote Management System versions prior to 4.10.0 have a feature allowing users to access managed devices’ local secure shell SSH/web management services over the cloud proxy. A user can request a web proxy and obtain a URL in the Remote Management System cloud subdomain. This URL cou...
CVE-2023-2586
Teltonika’s Remote Management System versions 4.14.0 is vulnerable to an unauthorized attacker registering previously unregistered devices through the RMS platform. If the user has not disabled the "RMS management feature" enabled by default, then an attacker could register that device to...
CVE-2023-32347
Teltonika’s Remote Management System versions prior to 4.10.0 use device serial numbers and MAC addresses to identify devices from the user perspective for device claiming and from the device perspective for authentication. If an attacker obtained the serial number and MAC address of a device, th...
CVE-2023-32346
Teltonika’s Remote Management System versions prior to 4.10.0 contain a function that allows users to claim their devices. This function returns information based on whether the serial number of a device has already been claimed, the MAC address of a device has already been claimed, or whether th...
Teltonika Remote Management System 授权问题漏洞
Teltonika Remote Management System is a Teltonika remote management system for managing Teltonika products. An authorization issue vulnerability exists in Teltonika Remote Management System versions prior to 4.10.0. An attacker could use this vulnerability to execute arbitrary commands as root by...