CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-39996
https://notcve.org/view.php?id=CVE-2022-39996
27 Aug 2024 — Cross Site Scripting vulnerability in Teldats Router RS123, RS123w allows attacker to execute arbitrary code via the cmdcookie parameter to the upgrade/query.php page. • https://github.com/uyhacked/Teldat-s-Router/blob/main/Teldat • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-39997
https://notcve.org/view.php?id=CVE-2022-39997
27 Aug 2024 — A weak password requirement issue was discovered in Teldats Router RS123, RS123w allows a remote attacker to escalate privileges • https://github.com/uyhacked/Teldat-s-Router/blob/main/Teldat • CWE-521: Weak Password Requirements •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36829
https://notcve.org/view.php?id=CVE-2024-36829
26 Jun 2024 — Incorrect access control in Teldat M1 v11.00.05.50.01 allows attackers to obtain sensitive information via a crafted query string. El control de acceso incorrecto en Teldat M1 v11.00.05.50.01 permite a los atacantes obtener información confidencial a través de una cadena de consulta manipulada. • https://gist.github.com/MILPDS/96843ccf7369ec1da643b7d6e22d428d • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •