Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add detection for CVE-2024-29269 #63

Merged
merged 1 commit into from
Apr 15, 2024
Merged

Add detection for CVE-2024-29269 #63

merged 1 commit into from
Apr 15, 2024

Conversation

BlueSquare1
Copy link
Contributor

@BlueSquare1 BlueSquare1 commented Apr 15, 2024
edited

Tested ✅

@BlueSquare1 BlueSquare1 changed the base branch from main to exploit/CVE-2024-3273 April 15, 2024 13:17
benyissa
benyissa reviewed Apr 15, 2024
View reviewed changes
agent/exploits/cve_2024_29269.py
VULNERABILITY_DESCRIPTION = (
"Telesquare Tlr-2005Ksh is a Sk Telecom Lte router from South Korea's Telesquare company.Telesquare TLR-2005Ksh "
"versions 1.0.0 and 1.1.4 have an unauthorized remote command execution vulnerability. An attacker can exploit "
"this vulnerability to execute system commands without authorization through the Cmd parameter and obtain server "
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
"this vulnerability to execute system commands without authorization through the Cmd parameter and obtain server "
"this vulnerability to execute system commands without authorization through the cmd parameter and obtain server "

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • /cgi-bin/admin.cgi?Command=sysCommand&Cmd=ls

The parameter is Cmd, not cmd

@3asm 3asm merged commit 91acc89 into exploit/CVE-2024-3273 Apr 15, 2024
3 checks passed
@3asm 3asm deleted the exploit/CVE-2024-29269 branch April 15, 2024 14:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@benyissa benyissa benyissa left review comments

@3asm 3asm 3asm approved these changes

@PiranhaSa PiranhaSa PiranhaSa approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@BlueSquare1 @3asm @benyissa @PiranhaSa