Search criteria
4 vulnerabilities by telstra
CVE-2025-54992 (GCVE-0-2025-54992)
Vulnerability from cvelistv5 – Published: 2025-08-11 21:34 – Updated: 2025-08-12 15:44
Title
OpenKilda XXE in SAML configuration
Summary
OpenKilda is an open-source OpenFlow controller. Prior to version 1.164.0, an XML external entity (XXE) injection vulnerability was found in OpenKilda which in combination with GHSL-2025-024 allows unauthenticated attackers to exfiltrate information from the instance where the OpenKilda UI is running. This issue may lead to Information disclosure. This issue has been patched in version 1.164.0.
Severity
CWE
- CWE-611 - Improper Restriction of XML External Entity Reference
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| telstra | open-kilda | Affected: < 1.164.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54992",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-12T15:44:16.451111Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T15:44:24.225Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "open-kilda",
"vendor": "telstra",
"versions": [
{
"status": "affected",
"version": "\u003c 1.164.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenKilda is an open-source OpenFlow controller. Prior to version 1.164.0, an XML external entity (XXE) injection vulnerability was found in OpenKilda which in combination with GHSL-2025-024 allows unauthenticated attackers to exfiltrate information from the instance where the OpenKilda UI is running. This issue may lead to Information disclosure. This issue has been patched in version 1.164.0."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611: Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-11T21:34:48.750Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/telstra/open-kilda/security/advisories/GHSA-43rg-6r66-6hr7",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/telstra/open-kilda/security/advisories/GHSA-43rg-6r66-6hr7"
},
{
"name": "https://github.com/telstra/open-kilda/pull/5778",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/telstra/open-kilda/pull/5778"
},
{
"name": "https://github.com/telstra/open-kilda/commit/1eddb4983a6287d083e3e99a56dc4c291abd347e",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/telstra/open-kilda/commit/1eddb4983a6287d083e3e99a56dc4c291abd347e"
}
],
"source": {
"advisory": "GHSA-43rg-6r66-6hr7",
"discovery": "UNKNOWN"
},
"title": "OpenKilda XXE in SAML configuration"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-54992",
"datePublished": "2025-08-11T21:34:48.750Z",
"dateReserved": "2025-08-04T17:34:24.420Z",
"dateUpdated": "2025-08-12T15:44:24.225Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0697 (GCVE-0-2025-0697)
Vulnerability from cvelistv5 – Published: 2025-01-24 15:00 – Updated: 2025-02-12 20:01
Title
Telstra Smart Modem Gen 2 HTTP Header injection
Summary
A vulnerability, which was classified as problematic, was found in Telstra Smart Modem Gen 2 up to 20250115. This affects an unknown part of the component HTTP Header Handler. The manipulation of the argument Content-Disposition leads to injection. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Severity
5.3 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Telstra | Smart Modem Gen 2 | Affected: 20250115 |
Credits
grunge (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0697",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-24T15:20:22.614185Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:01:20.391Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"HTTP Header Handler"
],
"product": "Smart Modem Gen 2",
"vendor": "Telstra",
"versions": [
{
"status": "affected",
"version": "20250115"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "grunge (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in Telstra Smart Modem Gen 2 up to 20250115. This affects an unknown part of the component HTTP Header Handler. The manipulation of the argument Content-Disposition leads to injection. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Es wurde eine problematische Schwachstelle in Telstra Smart Modem Gen 2 bis 20250115 gefunden. Dabei betrifft es einen unbekannter Codeteil der Komponente HTTP Header Handler. Durch das Manipulieren des Arguments Content-Disposition mit unbekannten Daten kann eine injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-707",
"description": "Improper Neutralization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T15:00:19.053Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-293223 | Telstra Smart Modem Gen 2 HTTP Header injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.293223"
},
{
"name": "VDB-293223 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.293223"
},
{
"name": "Submit #480045 | Telstra Smart Modem Generation 2 HTTP Response Header Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.480045"
},
{
"tags": [
"related"
],
"url": "https://github.com/bloodbile/Telstra-RHI"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-01-24T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-01-24T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-01-24T10:27:03.000Z",
"value": "VulDB entry last update"
}
],
"title": "Telstra Smart Modem Gen 2 HTTP Header injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-0697",
"datePublished": "2025-01-24T15:00:19.053Z",
"dateReserved": "2025-01-24T09:22:00.252Z",
"dateUpdated": "2025-02-12T20:01:20.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-43478 (GCVE-0-2023-43478)
Vulnerability from cvelistv5 – Published: 2023-09-20 13:03 – Updated: 2024-09-24 18:58
Title
Unauthenticated configuration restore and firmware update
Summary
fake_upload.cgi on the Telstra Smart Modem Gen 2 (Arcadyan LH1000), firmware versions < 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately leading to code execution as root.
Severity
8.8 (High)
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Telstra | Smart Modem Gen 2 (Arcadyan LH1000) | Affected: 0 , < 0.18.15r (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:44:42.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2023-19"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:telstra:arcadyan_lh1000:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "arcadyan_lh1000",
"vendor": "telstra",
"versions": [
{
"lessThan": "0.18.15r",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-43478",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-24T18:56:11.095403Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-24T18:58:06.387Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Smart Modem Gen 2 (Arcadyan LH1000)",
"vendor": "Telstra",
"versions": [
{
"lessThan": "0.18.15r",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "fake_upload.cgi on the Telstra Smart Modem Gen 2 (Arcadyan LH1000), firmware versions \u0026lt; 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately leading to code execution as root.\u0026nbsp;"
}
],
"value": "fake_upload.cgi on the Telstra Smart Modem Gen 2 (Arcadyan LH1000), firmware versions \u003c 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately leading to code execution as root.\u00a0"
}
],
"impacts": [
{
"capecId": "CAPEC-176",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-176 Configuration/Environment Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-20T13:03:10.299Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"url": "https://www.tenable.com/security/research/tra-2023-19"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unauthenticated configuration restore and firmware update",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2023-43478",
"datePublished": "2023-09-20T13:03:10.299Z",
"dateReserved": "2023-09-18T17:35:17.960Z",
"dateUpdated": "2024-09-24T18:58:06.387Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-43477 (GCVE-0-2023-43477)
Vulnerability from cvelistv5 – Published: 2023-09-20 12:41 – Updated: 2024-09-24 19:00
Title
Post-Auth Command Injection in Telstra Smart Modem Gen 2 (Arcadyan LH1000)
Summary
The ping_from parameter of ping_tracerte.cgi in the web UI of Telstra Smart Modem Gen 2 (Arcadyan LH1000), firmware versions < 0.18.15r, was not properly sanitized before being used in a system call, which could allow an authenticated attacker to achieve command injection as root on the device.
Severity
6.8 (Medium)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Telstra | Smart Modem Gen 2 (Arcadyan LH1000) | Affected: 0 , < 0.18.15r (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:44:43.292Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2023-19"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:telstra:arcadyan_lh1000:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "arcadyan_lh1000",
"vendor": "telstra",
"versions": [
{
"lessThan": "0.18.15r",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-43477",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-24T18:59:33.342788Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-24T19:00:27.334Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Smart Modem Gen 2 (Arcadyan LH1000)",
"vendor": "Telstra",
"versions": [
{
"lessThan": "0.18.15r",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The ping_from parameter of ping_tracerte.cgi in the web UI of Telstra Smart Modem Gen 2 (Arcadyan LH1000), firmware versions \u0026lt; 0.18.15r, was not properly sanitized before being used in a system call, which could allow an authenticated attacker to achieve command injection as root on the device.\u0026nbsp;"
}
],
"value": "The ping_from parameter of ping_tracerte.cgi in the web UI of Telstra Smart Modem Gen 2 (Arcadyan LH1000), firmware versions \u003c 0.18.15r, was not properly sanitized before being used in a system call, which could allow an authenticated attacker to achieve command injection as root on the device.\u00a0"
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-20T12:41:03.578Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"url": "https://www.tenable.com/security/research/tra-2023-19"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Post-Auth Command Injection in Telstra Smart Modem Gen 2 (Arcadyan LH1000)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2023-43477",
"datePublished": "2023-09-20T12:41:03.578Z",
"dateReserved": "2023-09-18T17:35:17.960Z",
"dateUpdated": "2024-09-24T19:00:27.334Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}