VYPR

Vendor CVEs

Telesquare

All CVEs

24 total · sorted by risk
  • CVE-2017-20224CriMar 16, 2026
    risk 0.64cvss 9.8epss 0.01

    Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious content by exploiting enabled WebDAV HTTP methods. Attackers can use PUT, DELETE, MKCOL, MOVE, COPY, and PROPPATCH methods…

  • CVE-2017-20223CriMar 16, 2026
    risk 0.64cvss 9.8epss 0.01

    Telesquare SKT LTE Router SDT-CS3B1 firmware version 1.2.0 contains an insecure direct object reference vulnerability that allows attackers to bypass authorization and access resources by manipulating user-supplied input parameters. Attackers can directly reference objects in…

  • CVE-2018-12526CriJun 21, 2018
    risk 0.64cvss 9.8epss 0.02

    Telesquare SDT-CS3B1 and SDT-CW3B1 devices through 1.2.0 have a default factory account. Remote attackers can obtain access to the device via TELNET using a hardcoded account.

  • CVE-2017-20222HigMar 16, 2026
    risk 0.49cvss 7.5epss 0.01

    Telesquare SKT LTE Router SDT-CS3B1 software version 1.2.0 contains an unauthenticated remote reboot vulnerability that allows attackers to trigger device reboot without authentication. Attackers can send POST requests to the lte.cgi endpoint with the Command=Reboot parameter to…

  • CVE-2025-9603MedAug 29, 2025
    risk 0.41cvss 6.3epss 0.08

    A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hostname can lead to command injection. The attack may be performed from a remote…

  • CVE-2017-20221MedMar 16, 2026
    risk 0.28cvss 4.3epss 0.00

    Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains a cross-site request forgery vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting missing request validation. Attackers can craft malicious web pages that perform…

  • CVE-2021-46422Apr 27, 2022
    risk 0.11cvss epss 0.95

    Telesquare SDT-CW3B1 1.1.0 is affected by an OS command injection vulnerability that allows a remote attacker to execute OS commands without any authentication.

  • CVE-2021-46424Apr 27, 2022
    risk 0.10cvss epss 0.37

    Telesquare TLR-2005KSH 1.0.0 is affected by an arbitrary file deletion vulnerability that allows a remote attacker to delete any file, even system internal files, via a DELETE request.

  • CVE-2021-46419Apr 7, 2022
    risk 0.10cvss epss 0.71

    An unauthorized file deletion vulnerability in Telesquare TLR-2855KS6 via DELETE method can allow deletion of system files and scripts.

  • CVE-2021-46418Apr 7, 2022
    risk 0.08cvss epss 0.24

    An unauthorized file creation vulnerability in Telesquare TLR-2855KS6 via PUT method can allow creation of CGI scripts.

  • CVE-2024-29269Apr 10, 2024
    risk 0.07cvss epss 0.06

    An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers to run arbitrary system commands via the Cmd parameter.

  • CVE-2025-26004Mar 26, 2025
    risk 0.00cvss epss 0.00

    Telesquare TLR-2005KSH 1.1.4 is vulnerable to unauthorized stack buffer overflow vulnerability when requesting admin.cgi parameter with setDdns.

  • CVE-2025-26002Mar 26, 2025
    risk 0.00cvss epss 0.00

    Telesquare TLR-2005KSH 1.1.4 is affected by an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setSyncTimeHost.

  • CVE-2025-26008Mar 26, 2025
    risk 0.00cvss epss 0.00

    In Telesquare TLR-2005KSH 1.1.4, an unauthorized stack overflow vulnerability exists when requesting admin.cgi parameter with setSyncTimeHost.

  • CVE-2025-26010Mar 26, 2025
    risk 0.00cvss epss 0.00

    Telesquare TLR-2005KSH 1.1.4 allows unauthorized password modification when requesting the admin.cgi parameter with setUserNamePassword.

  • CVE-2025-26006Mar 26, 2025
    risk 0.00cvss epss 0.00

    Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setAutorest.

  • CVE-2025-26001Mar 26, 2025
    risk 0.00cvss epss 0.00

    Telesquare TLR-2005KSH 1.1.4 is vulnerable to Information Disclosure via the parameter getUserNamePassword.

  • CVE-2025-28361Mar 26, 2025
    risk 0.00cvss epss 0.00

    Unauthorized stack overflow vulnerability in Telesquare TLR-2005KSH v.1.1.4 allows a remote attacker to obtain sensitive information via the systemutil.cgi component.

  • CVE-2025-26007Mar 26, 2025
    risk 0.00cvss epss 0.00

    Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability in the login interface when requesting systemtil.cgi.

  • CVE-2025-26005Mar 26, 2025
    risk 0.00cvss epss 0.00

    Telesquare TLR-2005KSH 1.1.4 is vulnerable to unauthorized stack overflow vulnerability when requesting admin.cgi parameter with setNtp.

  • CVE-2025-26003Mar 26, 2025
    risk 0.00cvss epss 0.01

    Telesquare TLR-2005KSH 1.1.4 is affected by an unauthorized command execution vulnerability when requesting the admin.cgi parameter with setAutorest.

  • CVE-2025-26009Mar 26, 2025
    risk 0.00cvss epss 0.00

    Telesquare TLR-2005KSH 1.1.4 has an Information Disclosure vulnerability when requesting systemutilit.cgi.

  • CVE-2025-26011Mar 26, 2025
    risk 0.00cvss epss 0.00

    Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setUsernamePassword.

  • CVE-2021-46423Apr 27, 2022
    risk 0.00cvss epss 0.01

    Telesquare TLR-2005KSH 1.0.0 is affected by an unauthenticated file download vulnerability that allows a remote attacker to download a full configuration file.