MidnightBSD

Advisories for telindus

CVE-2002-0949 HIGH

Telindus 1100 series ADSL router allows remote attackers to gain privileges to the device via a certain packet to UDP port 9833, which generates a reply that includes the router's password and other sensitive information in cleartext.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
telindus adsl_router 1120
telindus adsl_router 1110
CVE-2002-2133 HIGH

Telindus 1100 ASDL router running firmware 6.0.x uses weak encryption for UDP session traffic, which allows remote attackers to gain unauthorized access by sniffing and decrypting the administrative password.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
telindus 1120_adsl_router 6.0.21b_firmware
CVE-2023-26097

An issue was discovered in Telindus Apsal 3.14.2022.235 b. Unauthorized actions that could modify the application behaviour may not be blocked.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 8.4 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.5 5.9

Products Affected

Vendor Product Version
telindus apsal 3.14.2022.235_b
CVE-2023-26098

An issue was discovered in the Open Document feature in Telindus Apsal 3.14.2022.235 b. An attacker may upload a crafted file to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 8.2 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H 1.5 6.0

Products Affected

Vendor Product Version
telindus apsal 3.14.2022.235_b
CVE-2023-26099

An issue was discovered in Telindus Apsal 3.14.2022.235 b. The consultation permission is insecure.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N 1.8 2.5

Products Affected

Vendor Product Version
telindus apsal 3.14.2022.235_b