PoC Releases for Unauthorized RCE Flaw (CVE-2024-29269) Threatens 40K+ Telesquare Routers

IoT 4周前 admin
81 0 0
Recently, a significant security flaw has been discovered in the Telesquare TLR-2005KSH LTE routers. These routers, widely used in South Korea and produced by the Telesquare company, have been found to possess an unauthorized remote command execution vulnerability, identified as CVE-2024-29269. This vulnerability allows attackers to execute system commands remotely without authorization, potentially leading to full server compromise.
最近,在Telesquare TLR—2005KSH LTE路由器中发现了一个重大的安全漏洞。这些路由器在韩国广泛使用,由Telesquare公司生产,被发现具有未经授权的远程命令执行漏洞,标识为CVE—2024—29269。此漏洞允许攻击者在未经授权的情况下远程执行系统命令,可能导致整个服务器受损。

PoC Releases for Unauthorized RCE Flaw (CVE-2024-29269) Threatens 40K+ Telesquare Routers

The CVE-2024-29269 vulnerability affects Telesquare TLR-2005KSH router versions 1.0.0 and 1.1.4. The flaw resides in the Cmd parameter, through which an attacker can execute arbitrary system commands. This unauthorized access grants the attacker the ability to gain control over the router and, by extension, the network it is connected to. This flaw was found by security researcher Wutalent.
CVE-2024-29269漏洞影响Telesquare TLR-2005 KSH路由器版本1.0.0和1.1.4。该漏洞存在于Cmd参数中,攻击者可以通过该参数执行任意系统命令。这种未经授权的访问使攻击者能够获得对路由器的控制权,进而控制它所连接的网络。安全研究人员Wutalent发现了这个漏洞。

PoC Releases for Unauthorized RCE Flaw (CVE-2024-29269) Threatens 40K+ Telesquare Routers

ZoomEye Search Results 搜索结果

According to data from ZoomEye, a search engine dedicated to identifying Internet-connected devices, there are over 40,000 TLR-2005KSH routers exposed online. Additionally, cybersecurity firm LeakIX reports that over 4,000 of these routers are publicly accessible, making them prime targets for exploitation.
根据ZoomEye的数据,一个专门用于识别互联网连接设备的搜索引擎,有超过40,000个TLR-2005 KSH路由器暴露在网上。此外,网络安全公司LeakIX报告说,这些路由器中有4,000多个是公开访问的,使它们成为攻击的主要目标。

原文始发于DO SON :PoC Releases for Unauthorized RCE Flaw (CVE-2024-29269) Threatens 40K+ Telesquare Routers

版权声明:admin 发表于 2024年5月24日 下午11:19。
转载请注明:PoC Releases for Unauthorized RCE Flaw (CVE-2024-29269) Threatens 40K+ Telesquare Routers | CTF导航

相关文章