QwikSec

Security Database

CVE

CWE

Training

CVE-2024-8256

Published: Dec 10, 2024

Modified: Dec 10, 2024

PUBLISHED

Description

In Teltonika Networks RUTOS devices, running on versions 7.0 to 7.8 (excluding) and TSWOS devices running on versions 1.0 to 1.3 (excluding), due to incorrect permission handling a vulnerability exists which allows a lower privileged user with default permissions to access critical device resources via the API.

Vendor	Product	Versions
Teltonika Networks	RUTOS	affected `7.0 - < 7.8`
Teltonika Networks	TSWOS	affected `1.0 - < 1.3`

Weaknesses (CWE)

References

https://www.deepcove.support/teltonika-responsible-disclosure-proactive-testing-report/

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.