Tlr 2005ksh Firmware

tlr-2005ksh_firmware

Vendor: Telesquare • 17 CVEs

CVEs (17)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-9603 1Telesquare 1Tlr 2005ksh Firmware Apr 29, 2026 Aug 29, 2025 2.1 LOW· v4 9.8 CRITICAL· v3 6.5 MEDIUM· v2 A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hostname can lead to co...Show more A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hostname can lead to command injection. The attack may be performed from a remote location. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-28361 1Telesquare 1Tlr 2005ksh Firmware Apr 1, 2025 Mar 26, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Unauthorized stack overflow vulnerability in Telesquare TLR-2005KSH v.1.1.4 allows a remote attacker to obtain sensitive information via the systemutil.cgi component.
CVE-2025-26011 1Telesquare 1Tlr 2005ksh Firmware Apr 1, 2025 Mar 26, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setUsernamePassword.
CVE-2025-26010 1Telesquare 1Tlr 2005ksh Firmware Apr 1, 2025 Mar 26, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Telesquare TLR-2005KSH 1.1.4 allows unauthorized password modification when requesting the admin.cgi parameter with setUserNamePassword.
CVE-2025-26009 1Telesquare 1Tlr 2005ksh Firmware Apr 1, 2025 Mar 26, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Telesquare TLR-2005KSH 1.1.4 has an Information Disclosure vulnerability when requesting systemutilit.cgi.
CVE-2025-26008 1Telesquare 1Tlr 2005ksh Firmware Apr 1, 2025 Mar 26, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In Telesquare TLR-2005KSH 1.1.4, an unauthorized stack overflow vulnerability exists when requesting admin.cgi parameter with setSyncTimeHost.
CVE-2025-26007 1Telesquare 1Tlr 2005ksh Firmware Apr 1, 2025 Mar 26, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability in the login interface when requesting systemtil.cgi.
CVE-2025-26006 1Telesquare 1Tlr 2005ksh Firmware Apr 1, 2025 Mar 26, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setAutorest.
CVE-2025-26005 1Telesquare 1Tlr 2005ksh Firmware Apr 1, 2025 Mar 26, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Telesquare TLR-2005KSH 1.1.4 is vulnerable to unauthorized stack overflow vulnerability when requesting admin.cgi parameter with setNtp.
CVE-2025-26004 1Telesquare 1Tlr 2005ksh Firmware Apr 1, 2025 Mar 26, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Telesquare TLR-2005KSH 1.1.4 is vulnerable to unauthorized stack buffer overflow vulnerability when requesting admin.cgi parameter with setDdns.
CVE-2025-26003 1Telesquare 1Tlr 2005ksh Firmware Apr 1, 2025 Mar 26, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Telesquare TLR-2005KSH 1.1.4 is affected by an unauthorized command execution vulnerability when requesting the admin.cgi parameter with setAutorest.
CVE-2025-26002 1Telesquare 1Tlr 2005ksh Firmware Apr 1, 2025 Mar 26, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Telesquare TLR-2005KSH 1.1.4 is affected by an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setSyncTimeHost.
CVE-2025-26001 1Telesquare 1Tlr 2005ksh Firmware Apr 1, 2025 Mar 26, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Telesquare TLR-2005KSH 1.1.4 is vulnerable to Information Disclosure via the parameter getUserNamePassword.
CVE-2024-29269 1Telesquare 1Tlr 2005ksh Firmware Jun 17, 2025 Apr 10, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers to run arbitrary system commands via the Cmd parameter.
CVE-2021-46424 1Telesquare 1Tlr 2005ksh Firmware Nov 21, 2024 Apr 27, 2022 N/A· v4 9.1 CRITICAL· v3 9.4 HIGH· v2 Telesquare TLR-2005KSH 1.0.0 is affected by an arbitrary file deletion vulnerability that allows a remote attacker to delete any file, even system internal files, via a DELETE request.
CVE-2021-46423 1Telesquare 1Tlr 2005ksh Firmware Nov 21, 2024 Apr 27, 2022 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 Telesquare TLR-2005KSH 1.0.0 is affected by an unauthenticated file download vulnerability that allows a remote attacker to download a full configuration file.
CVE-2021-45428 1Telesquare 1Tlr 2005ksh Firmware Nov 21, 2024 Jan 3, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 TLR-2005KSH is affected by an incorrect access control vulnerability. THe PUT method is enabled so an attacker can upload arbitrary files including HTML and CGI formats.