Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Teltonika’s Remote Management System versions prior to 4.10.0 use device serial numbers and MAC addresses to identify devices from the user perspective for device claiming and from the device perspective for authentication. If an attacker obtained the serial number and MAC address of a device, they could authenticate as that device and steal communication credentials of the device. This could allow an attacker to enable arbitrary command execution as root by utilizing management options within the newly registered devices.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:H
Vulnerability Type
认证机制不恰当
Vulnerability Title
Teltonika Remote Management System 授权问题漏洞
Vulnerability Description
Teltonika Remote Management System是Teltonika公司的一个远程管理系统,用于管理Teltonika产品。 Teltonika Remote Management System 4.10.0之前版本存在授权问题漏洞。攻击者利用该漏洞通过利用新注册设备中的管理选项以 root 身份执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A