Teldats · Teldats Router · CVE-2022-39996
**Name of the Vulnerable Software and Affected Versions**
Teldats Router versions RS123, RS123w
**Description**
The issue allows an attacker to execute arbitrary code via the `cmdcookie` parameter of the "upgrade/query.php" page, which enables Cross-Site Scripting (XSS) attacks.
**Recommendations**
For Teldats Router versions RS123, RS123w, consider disabling access to the "upgrade/query.php" page until a patch is available.
As a temporary workaround, avoid using the `cmdcookie` parameter in the affected API endpoint until the issue is resolved.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
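
To check whether the page is still reachable or being probed while no fix exists, the following added example (not vendor code) scans web access logs for requests to "upgrade/query.php" and flags `cmdcookie` values that carry markup. It assumes the router's management traffic passes through a proxy or logger that writes combined-format access logs; the function names and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

VULN_PATH = "/upgrade/query.php"   # page named in the advisory
VULN_PARAM = "cmdcookie"           # parameter named in the advisory
# Characters and patterns needed to break out into HTML/JS context.
MARKUP = re.compile(r"[<>\"'`]|javascript:|\bon\w+\s*=", re.IGNORECASE)
# Request line of a combined-format log entry (assumed log format).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def classify(line):
    """Return None, 'access' (page requested) or 'suspicious' (markup in cmdcookie)."""
    m = REQUEST.search(line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    # Normalise encoding, duplicate slashes and case before matching the path.
    path = re.sub(r"/+", "/", unquote(url.path)).lower()
    if not path.endswith(VULN_PATH):
        return None
    # parse_qs decodes once; decode again to catch double-encoded values.
    for value in parse_qs(url.query, keep_blank_values=True).get(VULN_PARAM, []):
        if MARKUP.search(value) or MARKUP.search(unquote(value)):
            return "suspicious"
    # POST bodies are not in access logs, so any hit on the page is worth review.
    return "access"

def scan(lines):
    """Return (line_number, verdict) for every request that touches the page."""
    return [(n, v) for n, line in enumerate(lines, 1) if (v := classify(line))]

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2023:10:00:00 +0000] "GET /index.php HTTP/1.1" 200 512',
    '192.0.2.10 - - [01/Jan/2023:10:00:05 +0000] '
    '"GET /upgrade/query.php?cmdcookie=1672567205 HTTP/1.1" 200 88',
    '198.51.100.7 - - [01/Jan/2023:10:02:11 +0000] '
    '"GET /upgrade/query.php?cmdcookie=%3Cscript%3Eprobe%3C%2Fscript%3E HTTP/1.1" 200 120',
    '198.51.100.7 - - [01/Jan/2023:10:02:30 +0000] '
    '"GET /Upgrade//query.php?cmdcookie=%253Cimg HTTP/1.1" 200 120',
]

if __name__ == "__main__":
    for lineno, verdict in scan(SAMPLE_LOG):
        print(f"line {lineno}: {verdict}")
```

Once access to the page has been disabled as recommended, any `access` result is itself a signal that the restriction is not effective.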