CVE-2025-28361
Published: 26 March 2025
Description
Adversaries may exploit software vulnerabilities in an attempt to collect credentials.
Security Summary
CVE-2025-28361 is an unauthorized stack overflow vulnerability (CWE-120) affecting Telesquare TLR-2005KSH version 1.1.4. The flaw resides in the systemutil.cgi component, enabling remote attackers to obtain sensitive information. Published on 2025-03-26, it carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating high confidentiality impact with no effects on integrity or availability.
A remote attacker requires no privileges or user interaction to exploit this vulnerability over the network with low complexity. Successful exploitation allows disclosure of sensitive information stored on the affected device, potentially exposing configuration data, credentials, or other proprietary details hosted by the Telesquare TLR-2005KSH router.
Advisories reference a GitHub repository at https://github.com/wyq-zzu/excavate/blob/main/2/1.md, which may provide additional technical details, though no specific patches or mitigation steps are detailed in available information.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The CVE describes a remote unauthenticated stack overflow in a public-facing CGI component (systemutil.cgi) on a network device, directly enabling T1190 (Exploit Public-Facing Application) for initial access and information disclosure. The high confidentiality impact, including potential exposure of credentials and configuration data, also facilitates T1212 (Exploitation for Credential Access).