First published: Wed Apr 10 2024(Updated: )
An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers to run arbitrary system commands via the Cmd parameter.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Telesquare TLR-2005KSH Firmware | >=1.0.0<=1.1.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-29269 is considered to have a high severity due to its potential to allow arbitrary command execution on affected systems.
To fix CVE-2024-29269, it is recommended to upgrade Telesquare TLR-2005Ksh to a version that is not affected, specifically beyond version 1.1.4.
CVE-2024-29269 affects Telesquare TLR-2005Ksh versions 1.0.0 and 1.1.4.
Exploiting CVE-2024-29269 allows attackers to execute arbitrary system commands, which can lead to unauthorized access and control of the system.
While an official workaround is not provided, limiting access to the Cmd parameter and enhancing input validation may help mitigate the risk temporarily.