Description

Telenium Online Web Application is vulnerable due to a Perl script that is called to load the login page. Due to improper input validation, an attacker can inject arbitrary Perl code through a crafted HTTP request, leading to remote code execution on the server.

Related CPE's

Could not find any relations

References

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2024/icsa-24-263-04.json

https://megasys.com/support/

https://www.cisa.gov/news-events/ics-advisories/icsa-24-263-04

Weaknesses

[email protected]

Primary
CWE-20

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 · Critical

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Received

Published

2025-12-24T21:16:04.710

2 hours ago

Last modified

2025-12-24T21:16:04.710

2 hours ago