CVE-2024-29269

HIGH · EXPLOITED IN THE WILD · NUCLEI

Telesquare TLR-2005KSH - Remote Command Execution

Title source: nuclei

Exploitation Summary

CVE-2024-29269 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io). EIP tracks 8 public exploits from researchers including Chocapikk, hack-with-rohit, K3ysTr0K3R. A Nuclei detection template is also available.

Description

An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers to run arbitrary system commands via the Cmd parameter.

Exploits (8)

nomisec WORKING POC 17 stars
by Chocapikk · remote
https://github.com/Chocapikk/CVE-2024-29269

This repository contains a functional exploit for CVE-2024-29269, enabling unauthenticated OS command execution on TLR-2005KSH routers. The exploit supports both interactive and batch modes for command execution and scanning.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: TLR-2005KSH routers
No auth needed
Prerequisites: Network access to the target router · Router must be vulnerable to CVE-2024-29269
devstral-2 · analyzed Feb 16, 2026

nomisec WORKING POC 5 stars
by hack-with-rohit · remote
https://github.com/hack-with-rohit/CVE-2024-29269-RCE

This repository contains a functional exploit for CVE-2024-29269, targeting unauthenticated OS command execution on TLR-2005KSH routers via a vulnerable CGI endpoint. The exploit supports interactive and batch modes for command execution and scanning.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: TLR-2005KSH routers
No auth needed
Prerequisites: Network access to the vulnerable router · CGI endpoint exposed and accessible
devstral-2 · analyzed Feb 16, 2026

nomisec WORKING POC 5 stars
by K3ysTr0K3R · remote
https://github.com/K3ysTr0K3R/CVE-2024-29269-EXPLOIT

This is a functional PoC exploit for CVE-2024-29269, targeting Telesquare TLR-2005KSH devices. It demonstrates remote command execution via the `Cmd` parameter in the `/cgi-bin/admin.cgi` endpoint, with both single-target and multi-threaded scanning capabilities.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Telesquare TLR-2005KSH versions 1.0.0 and 1.1.4
No auth needed
Prerequisites: Network access to the target device · Exposed `/cgi-bin/admin.cgi` endpoint
devstral-2 · analyzed Feb 16, 2026

nomisec WRITEUP 5 stars
by wutalent · remote
https://github.com/wutalent/CVE-2024-29269

The repository provides a technical description of CVE-2024-29269, an unauthorized remote command execution vulnerability in Telesquare TLR-2005KSH routers. It includes details on the vulnerable endpoint (`/cgi-bin/admin.cgi`) and a sample payload (`sysCommand&Cmd=ifconfig`), but lacks functional exploit code.

Classification: Writeup 80%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Telesquare TLR-2005KSH versions 1.0.0 and 1.1.4
No auth needed
Prerequisites: Network access to the vulnerable router
devstral-2 · analyzed Feb 18, 2026

nomisec WRITEUP 1 star
by chsxthwik · poc
https://github.com/chsxthwik/CVE-2024-29269

This repository contains a writeup for CVE-2024-29269, describing an unauthenticated OS command execution vulnerability in TLR-2005KSH routers. It includes search queries for finding affected devices but lacks actual exploit code.

Classification: Writeup 80%
Attack Type: RCE
Complexity: Trivial
Reliability: Theoretical
Target: TLR-2005KSH routers
No auth needed
Prerequisites: Network access to the vulnerable router
devstral-2 · analyzed Feb 16, 2026

nomisec WORKING POC 1 star
by YongYe-Security · remote
https://github.com/YongYe-Security/CVE-2024-29269

This is a Python-based exploit for CVE-2024-29269, targeting a command injection vulnerability in Telesquare TLR-2005KSH devices. It sends crafted HTTP requests to execute arbitrary commands via the `sysCommand` CGI parameter and parses XML responses to extract command output.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Telesquare TLR-2005KSH
No auth needed
Prerequisites: Network access to the target device · CGI endpoint exposed at `/cgi-bin/admin.cgi`
devstral-2 · analyzed Feb 16, 2026

nomisec WORKING POC
by dream434 · remote
https://github.com/dream434/CVE-2024-29269

This repository contains a Python-based exploit for CVE-2024-29269, which targets a command injection vulnerability in a web application. The exploit sends a crafted request to execute arbitrary commands via a vulnerable CGI endpoint.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Unknown (CGI-based web application)
No auth needed
Prerequisites: Python 3.x · requests library · network access to target
devstral-2 · analyzed Feb 16, 2026

vulncheck_xdb WORKING POC
remote
https://github.com/Quantum-Hacker/CVE-2024-29269

The repository contains a functional exploit for CVE-2024-29269, demonstrating unauthenticated remote command execution on Telesquare TLR-2005KSH routers via the `Cmd` parameter in the `/cgi-bin/admin.cgi` endpoint. The YAML file includes a Nuclei template with a crafted HTTP request that triggers command execution and verifies the response.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Telesquare TLR-2005KSH versions 1.0.0 and 1.1.4
No auth needed
Prerequisites: network access to the target router
devstral-2 · analyzed Feb 25, 2026

Nuclei Templates (1)

Telesquare TLR-2005KSH - Remote Command Execution
CRITICAL · by ritikchaddha
Shodan: title:"Login to TLR-2005KSH"

Scores

CVSS v3: 8.8
EPSS: 0.0590
EPSS Percentile: 92.3%
Attack Vector: ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: no
Technical Impact: total

Details

VulnCheck KEV: 2024-09-18
InTheWild.io: 2024-09-18
CWE: CWE-77
Status: published
Products (2):
telesquare/tlr-2005ksh_firmware 1.0.0
telesquare/tlr-2005ksh_firmware 1.1.4
Published: Apr 10, 2024
Tracked Since: Feb 18, 2026