CVE-2023-2588

Name of the Vulnerable Software and Affected Versions Teltonika’s Remote Management System versions prior to 4.10.0

Description The issue allows users to access managed devices’ local secure shell (SSH)/web management services over the cloud proxy. A user can request a web proxy and obtain a URL in the Remote Management System cloud subdomain, which could be shared with others without Remote Management System authentication. An attacker could exploit this to create a malicious webpage that uses a trusted and certified domain. The attacker could initiate a reverse shell when a victim connects to the malicious webpage, achieving remote code execution on the victim device.

Recommendations For versions prior to 4.10.0, update to version 4.10.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the web proxy feature in the Remote Management System until a patch is applied. Additionally, avoid sharing URLs obtained through the web proxy feature with unauthenticated users to minimize the risk of exploitation.