CVE-2021-46419

CRITICAL NUCLEI

Telesquare TLR-2855KS6 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-46419. PoCs published by Momen Eldawakhly. A Nuclei detection template is also available.

AI-analyzed exploit summary This exploit demonstrates an arbitrary file deletion vulnerability in Telesquare TLR-2855KS6 via a malformed HTTP DELETE request to /cgi-bin/test.cgi. The PoC includes a raw HTTP request with specific headers and a cookie, targeting a known endpoint to trigger the vulnerability.

Description

An unauthorized file deletion vulnerability in Telesquare TLR-2855KS6 via DELETE method can allow deletion of system files and scripts.

Exploits (1)

exploitdb WORKING POC

by Momen Eldawakhly · textwebappshardware

https://www.exploit-db.com/exploits/50863

View Code ZIP pw:eip

This exploit demonstrates an arbitrary file deletion vulnerability in Telesquare TLR-2855KS6 via a malformed HTTP DELETE request to /cgi-bin/test.cgi. The PoC includes a raw HTTP request with specific headers and a cookie, targeting a known endpoint to trigger the vulnerability.

Classification

Working Poc 90%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: Telesquare TLR-2855KS6

No auth needed

Prerequisites: Network access to the target device · Knowledge of the target IP address

MITRE ATT&CK

T1485 - Data Destruction

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

Telesquare TLR-2855KS6 - Arbitrary File Deletion

CRITICALVERIFIEDby DhiyaneshDK

Shodan: title:"Login to TLR-2855KS6" || http.title:"login to tlr-2855ks6"

FOFA: product=="TELESQUARE-TLR-2855KS6" || title="login to tlr-2855ks6" || product=="telesquare-tlr-2855ks6"

References (2)

Core 2

Core References

Exploit, Third Party Advisory x_refsource_misc

https://drive.google.com/drive/folders/1TWw3Oy0wZImSHK_hj-tKkbn9sFgqqySp

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

http://packetstormsecurity.com/files/166675/Telesquare-TLR-2855KS6-Arbitrary-File-Deletion.html

Scores

CVSS v3 9.1

EPSS 0.7168

EPSS Percentile 99.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Details

Status published

Products (1)

telesquare/tlr-2855ks6_firmware

Published Apr 07, 2022

Tracked Since Feb 18, 2026