CVE-2025-9603
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-29

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hostname can lead to command injection. The attack may be performed from a remote location. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-29
Last Modified
2026-04-29
Generated
2026-05-07
AI Q&A
2025-08-29
EPSS Evaluated
2026-05-05
NVD
CVE-2025-9603
EUVD
EUVD-2025-26162
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
telesquare tlr-2005ksh_firmware 1.2.4
telesquare tlr-2005ksh *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-77 The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
CWE-74 The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-9603 is a command injection vulnerability in the Telesquare TLR-2005KSH version 1.2.4 LTE router. It exists in the /cgi-bin/internet.cgi script, specifically in the handling of the 'Command=lanCfg' parameter's 'Hostname' argument. Due to improper input sanitization, an attacker can inject arbitrary commands remotely without authentication, leading to unauthorized command execution on the device. [1, 2]


How can this vulnerability impact me? :

This vulnerability can impact you by allowing remote attackers to execute arbitrary commands on the affected router, potentially compromising the device's confidentiality, integrity, and availability. This could lead to unauthorized control over the router, disruption of network services, data interception, or further attacks within the network. [2]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring HTTP requests to the /cgi-bin/internet.cgi endpoint with the parameter Command=lanCfg, specifically looking for suspicious or malformed Hostname arguments that may contain command injection payloads. Network intrusion detection systems (NIDS) or web application firewalls (WAF) can be configured to alert on such patterns. A simple detection command using curl to test the vulnerability could be: curl -v "http://<router-ip>/cgi-bin/internet.cgi?Command=lanCfg&Hostname=;id" to see if command output is returned, indicating command injection. [1, 2]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include restricting access to the affected device's management interface from untrusted networks, disabling remote access if possible, and monitoring for suspicious activity targeting the /cgi-bin/internet.cgi endpoint. Since no official patches or vendor responses are available, consider replacing the affected Telesquare TLR-2005KSH 1.2.4 device with a secure alternative. Additionally, implement network-level protections such as firewalls or intrusion prevention systems to block exploitation attempts. [2]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart