Vulnerabilities > Teltonika
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-22 | CVE-2023-2586 | Improper Authentication vulnerability in Teltonika Remote Management System 4.14.0 Teltonika’s Remote Management System versions 4.14.0 is vulnerable to an unauthorized attacker registering previously unregistered devices through the RMS platform. | 9.8 |
| 2023-05-22 | CVE-2023-2587 | Cross-site Scripting vulnerability in Teltonika Remote Management System Teltonika’s Remote Management System versions prior to 4.10.0 contain a cross-site scripting (XSS) vulnerability in the main page of the web interface. | 8.3 |
| 2023-05-22 | CVE-2023-2588 | Inclusion of Web Functionality from an Untrusted Source vulnerability in Teltonika Remote Management System Teltonika’s Remote Management System versions prior to 4.10.0 have a feature allowing users to access managed devices’ local secure shell (SSH)/web management services over the cloud proxy. | 8.8 |
| 2023-05-22 | CVE-2023-32348 | Server-Side Request Forgery (SSRF) vulnerability in Teltonika Remote Management System Teltonika’s Remote Management System versions prior to 4.10.0 contain a virtual private network (VPN) hub feature for cross-device communication that uses OpenVPN. | 5.8 |
| 2023-05-22 | CVE-2023-32346 | Response Discrepancy Information Exposure vulnerability in Teltonika Remote Management System Teltonika’s Remote Management System versions prior to 4.10.0 contain a function that allows users to claim their devices. | 5.3 |
| 2023-05-22 | CVE-2023-32347 | Improper Authentication vulnerability in Teltonika Remote Management System Teltonika’s Remote Management System versions prior to 4.10.0 use device serial numbers and MAC addresses to identify devices from the user perspective for device claiming and from the device perspective for authentication. | 9.8 |
| 2019-06-19 | CVE-2018-19878 | Use After Free vulnerability in Teltonika Rut950 Firmware R31.04.89 An issue was discovered on Teltonika RTU950 R_31.04.89 devices. | 6.8 |
| 2019-03-28 | CVE-2018-19879 | Improper Restriction of Excessive Authentication Attempts vulnerability in Teltonika Rut950 Firmware R31.04.89 An issue was discovered in /cgi-bin/luci on Teltonika RTU9XX (e.g., RUT950) R_31.04.89 before R_00.05.00.5 devices. | 5.0 |
| 2018-10-15 | CVE-2018-17534 | Improper Authentication vulnerability in Teltonika Rut900 Firmware, Rut950 Firmware and Rut955 Firmware Teltonika RUT9XX routers with firmware before 00.04.233 provide a root terminal on a serial interface without proper access control. | 7.2 |
| 2018-10-15 | CVE-2018-17533 | Cross-site Scripting vulnerability in Teltonika Rut900 Firmware, Rut950 Firmware and Rut955 Firmware Teltonika RUT9XX routers with firmware before 00.05.01.1 are prone to cross-site scripting vulnerabilities in hotspotlogin.cgi due to insufficient user input sanitization. | 4.3 |