CVE-2025-26010
Published: 26 March 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-26010 affects the Telesquare TLR-2005KSH router running version 1.1.4. The vulnerability enables unauthorized password modification through a request to the admin.cgi parameter using the setUserNamePassword function, bypassing proper access controls. Classified under CWE-284 (Improper Access Control), it received a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) upon publication on 2025-03-26.
The flaw is exploitable by unauthenticated remote attackers with network access, requiring low complexity and no user interaction. Exploitation allows modification of administrative passwords, resulting in high-impact compromise of confidentiality, integrity, and availability, potentially granting full control over the affected device.
Mitigation details are available in the referenced advisory at https://github.com/Fan-24/Digging/blob/main/9/1.md.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The CVE describes a remote unauthenticated exploit in the router's public-facing web admin interface (admin.cgi/setUserNamePassword) that bypasses access controls to modify passwords and gain full device control, directly mapping to exploitation of public-facing applications for initial access.