Tlr 2005ksh Firmware
by Telesquare
CVEs (16)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-9603 | Med | 0.41 | 6.3 | 0.08 | Aug 29, 2025 | A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hostname can lead to command injection. The attack may be performed from a remote… | ||
| CVE-2021-46424 | 0.10 | — | 0.37 | Apr 27, 2022 | Telesquare TLR-2005KSH 1.0.0 is affected by an arbitrary file deletion vulnerability that allows a remote attacker to delete any file, even system internal files, via a DELETE request. | |||
| CVE-2024-29269 | 0.07 | — | 0.06 | Apr 10, 2024 | An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers to run arbitrary system commands via the Cmd parameter. | |||
| CVE-2025-26006 | 0.00 | — | 0.00 | Mar 26, 2025 | Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setAutorest. | |||
| CVE-2025-26001 | 0.00 | — | 0.00 | Mar 26, 2025 | Telesquare TLR-2005KSH 1.1.4 is vulnerable to Information Disclosure via the parameter getUserNamePassword. | |||
| CVE-2025-28361 | 0.00 | — | 0.00 | Mar 26, 2025 | Unauthorized stack overflow vulnerability in Telesquare TLR-2005KSH v.1.1.4 allows a remote attacker to obtain sensitive information via the systemutil.cgi component. | |||
| CVE-2025-26007 | 0.00 | — | 0.00 | Mar 26, 2025 | Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability in the login interface when requesting systemtil.cgi. | |||
| CVE-2025-26005 | 0.00 | — | 0.00 | Mar 26, 2025 | Telesquare TLR-2005KSH 1.1.4 is vulnerable to unauthorized stack overflow vulnerability when requesting admin.cgi parameter with setNtp. | |||
| CVE-2025-26003 | 0.00 | — | 0.01 | Mar 26, 2025 | Telesquare TLR-2005KSH 1.1.4 is affected by an unauthorized command execution vulnerability when requesting the admin.cgi parameter with setAutorest. | |||
| CVE-2025-26009 | 0.00 | — | 0.00 | Mar 26, 2025 | Telesquare TLR-2005KSH 1.1.4 has an Information Disclosure vulnerability when requesting systemutilit.cgi. | |||
| CVE-2025-26011 | 0.00 | — | 0.00 | Mar 26, 2025 | Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setUsernamePassword. | |||
| CVE-2025-26004 | 0.00 | — | 0.00 | Mar 26, 2025 | Telesquare TLR-2005KSH 1.1.4 is vulnerable to unauthorized stack buffer overflow vulnerability when requesting admin.cgi parameter with setDdns. | |||
| CVE-2025-26002 | 0.00 | — | 0.00 | Mar 26, 2025 | Telesquare TLR-2005KSH 1.1.4 is affected by an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setSyncTimeHost. | |||
| CVE-2025-26008 | 0.00 | — | 0.00 | Mar 26, 2025 | In Telesquare TLR-2005KSH 1.1.4, an unauthorized stack overflow vulnerability exists when requesting admin.cgi parameter with setSyncTimeHost. | |||
| CVE-2025-26010 | 0.00 | — | 0.00 | Mar 26, 2025 | Telesquare TLR-2005KSH 1.1.4 allows unauthorized password modification when requesting the admin.cgi parameter with setUserNamePassword. | |||
| CVE-2021-46423 | 0.00 | — | 0.01 | Apr 27, 2022 | Telesquare TLR-2005KSH 1.0.0 is affected by an unauthenticated file download vulnerability that allows a remote attacker to download a full configuration file. |
- risk 0.41cvss 6.3epss 0.08
A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hostname can lead to command injection. The attack may be performed from a remote…
- CVE-2021-46424Apr 27, 2022risk 0.10cvss —epss 0.37
Telesquare TLR-2005KSH 1.0.0 is affected by an arbitrary file deletion vulnerability that allows a remote attacker to delete any file, even system internal files, via a DELETE request.
- CVE-2024-29269Apr 10, 2024risk 0.07cvss —epss 0.06
An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers to run arbitrary system commands via the Cmd parameter.
- CVE-2025-26006Mar 26, 2025risk 0.00cvss —epss 0.00
Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setAutorest.
- CVE-2025-26001Mar 26, 2025risk 0.00cvss —epss 0.00
Telesquare TLR-2005KSH 1.1.4 is vulnerable to Information Disclosure via the parameter getUserNamePassword.
- CVE-2025-28361Mar 26, 2025risk 0.00cvss —epss 0.00
Unauthorized stack overflow vulnerability in Telesquare TLR-2005KSH v.1.1.4 allows a remote attacker to obtain sensitive information via the systemutil.cgi component.
- CVE-2025-26007Mar 26, 2025risk 0.00cvss —epss 0.00
Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability in the login interface when requesting systemtil.cgi.
- CVE-2025-26005Mar 26, 2025risk 0.00cvss —epss 0.00
Telesquare TLR-2005KSH 1.1.4 is vulnerable to unauthorized stack overflow vulnerability when requesting admin.cgi parameter with setNtp.
- CVE-2025-26003Mar 26, 2025risk 0.00cvss —epss 0.01
Telesquare TLR-2005KSH 1.1.4 is affected by an unauthorized command execution vulnerability when requesting the admin.cgi parameter with setAutorest.
- CVE-2025-26009Mar 26, 2025risk 0.00cvss —epss 0.00
Telesquare TLR-2005KSH 1.1.4 has an Information Disclosure vulnerability when requesting systemutilit.cgi.
- CVE-2025-26011Mar 26, 2025risk 0.00cvss —epss 0.00
Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setUsernamePassword.
- CVE-2025-26004Mar 26, 2025risk 0.00cvss —epss 0.00
Telesquare TLR-2005KSH 1.1.4 is vulnerable to unauthorized stack buffer overflow vulnerability when requesting admin.cgi parameter with setDdns.
- CVE-2025-26002Mar 26, 2025risk 0.00cvss —epss 0.00
Telesquare TLR-2005KSH 1.1.4 is affected by an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setSyncTimeHost.
- CVE-2025-26008Mar 26, 2025risk 0.00cvss —epss 0.00
In Telesquare TLR-2005KSH 1.1.4, an unauthorized stack overflow vulnerability exists when requesting admin.cgi parameter with setSyncTimeHost.
- CVE-2025-26010Mar 26, 2025risk 0.00cvss —epss 0.00
Telesquare TLR-2005KSH 1.1.4 allows unauthorized password modification when requesting the admin.cgi parameter with setUserNamePassword.
- CVE-2021-46423Apr 27, 2022risk 0.00cvss —epss 0.01
Telesquare TLR-2005KSH 1.0.0 is affected by an unauthenticated file download vulnerability that allows a remote attacker to download a full configuration file.