CVE-2020-5772

Name of the Vulnerable Software and Affected Versions Teltonika firmware version TRB2 R 00.02.04.01

Description The issue is related to improper input validation, allowing a remote, authenticated attacker to gain root privileges. This can be achieved by uploading a malicious package file.

Recommendations For Teltonika firmware version TRB2 R 00.02.04.01, consider restricting access to package file uploads until a fix is available. As a temporary workaround, limit the privileges of authenticated users to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.