CVE-2024-29269

This repository contains a functional exploit for CVE-2024-29269, enabling unauthenticated OS command execution on TLR-2005KSH routers. The exploit supports both interactive and batch modes for command execution and scanning.

This repository contains a functional exploit for CVE-2024-29269, targeting unauthenticated OS command execution on TLR-2005KSH routers via a vulnerable CGI endpoint. The exploit supports interactive and batch modes for command execution and scanning.

The repository provides a technical description of CVE-2024-29269, an unauthorized remote command execution vulnerability in Telesquare TLR-2005KSH routers. It includes details on the vulnerable endpoint (`/cgi-bin/admin.cgi`) and a sample payload (`sysCommand&Cmd=ifconfig`), but lacks functional exploit code.

This is a functional PoC exploit for CVE-2024-29269, targeting Telesquare TLR-2005KSH devices. It demonstrates remote command execution via the `Cmd` parameter in the `/cgi-bin/admin.cgi` endpoint, with both single-target and multi-threaded scanning capabilities.

This is a Python-based exploit for CVE-2024-29269, targeting a command injection vulnerability in Telesquare TLR-2005KSH devices. It sends crafted HTTP requests to execute arbitrary commands via the `sysCommand` CGI parameter and parses XML responses to extract command output.

This repository contains a writeup for CVE-2024-29269, describing an unauthenticated OS command execution vulnerability in TLR-2005KSH routers. It includes search queries for finding affected devices but lacks actual exploit code.

This repository contains a Python-based exploit for CVE-2024-29269, which targets a command injection vulnerability in a web application. The exploit sends a crafted request to execute arbitrary commands via a vulnerable CGI endpoint.

The repository contains a functional exploit for CVE-2024-29269, demonstrating unauthenticated remote command execution on Telesquare TLR-2005KSH routers via the `Cmd` parameter in the `/cgi-bin/admin.cgi` endpoint. The YAML file includes a Nuclei template with a crafted HTTP request that triggers command execution and verifies the response.