Incorrect Access Control Vulnerability in TLR-2005KSH Allows Arbitrary File Upload

Incorrect Access Control Vulnerability in TLR-2005KSH Allows Arbitrary File Upload

CVE-2021-45428 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

TLR-2005KSH is affected by an incorrect access control vulnerability. THe PUT method is enabled so an attacker can upload arbitrary files including HTML and CGI formats.

Learn more about our Web Application Penetration Testing UK.