1 results (0.032 seconds)
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-8256 – Incorrect Permission Assignment in RutOS based routers and TSWOS based managed switches
https://notcve.org/view.php?id=CVE-2024-8256
10 Dec 2024 — In Teltonika Networks RUTOS devices, running on versions 7.0 to 7.8 (excluding) and TSWOS devices running on versions 1.0 to 1.3 (excluding), due to incorrect permission handling a vulnerability exists which allows a lower privileged user with default permissions to access critical device resources via the API. • https://www.deepcove.support/teltonika-responsible-disclosure-proactive-testing-report • CWE-732: Incorrect Permission Assignment for Critical Resource •