CVE-2024-8256 Information

Description

In Teltonika Networks RUTOS devices running on versions 7.0 to 7.8 (excluding) and TSWOS devices running on versions 1.0 to 1.3 (excluding) due to incorrect permission handling a vulnerability exists which allows a lower privileged user with default permissions to access critical device resources via the API.

Reference

https://www.deepcove.support/teltonika-responsible-disclosure-proactive-testing-report/