Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
teltonika remote management system vulnerabilities and exploits
(subscribe to this query)
8.3
CVSSv3
CVE-2023-2587
Teltonika’s Remote Management System versions before 4.10.0 contain a cross-site scripting (XSS) vulnerability in the main page of the web interface. An attacker with the MAC address and serial number of a connected device could send a maliciously crafted JSON file with an...
Teltonika Remote Management System
8.8
CVSSv3
CVE-2023-2588
Teltonika’s Remote Management System versions before 4.10.0 have a feature allowing users to access managed devices’ local secure shell (SSH)/web management services over the cloud proxy. A user can request a web proxy and obtain a URL in the Remote Management System...
Teltonika Remote Management System
5.3
CVSSv3
CVE-2023-32346
Teltonika’s Remote Management System versions before 4.10.0 contain a function that allows users to claim their devices. This function returns information based on whether the serial number of a device has already been claimed, the MAC address of a device has already been ...
Teltonika Remote Management System
9.8
CVSSv3
CVE-2023-32347
Teltonika’s Remote Management System versions before 4.10.0 use device serial numbers and MAC addresses to identify devices from the user perspective for device claiming and from the device perspective for authentication. If an attacker obtained the serial number and MAC a...
Teltonika Remote Management System
5.8
CVSSv3
CVE-2023-32348
Teltonika’s Remote Management System versions before 4.10.0 contain a virtual private network (VPN) hub feature for cross-device communication that uses OpenVPN. It connects new devices in a manner that allows the new device to communicate with all Teltonika devices connec...
Teltonika Remote Management System
9.8
CVSSv3
CVE-2023-2586
Teltonika’s Remote Management System versions 4.14.0 is vulnerable to an unauthorized attacker registering previously unregistered devices through the RMS platform. If the user has not disabled the "RMS management feature" enabled by default, then an attacker cou...
Teltonika Remote Management System 4.14.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started