Unlimited Login Vulnerability on Teltonika RTU950 R_31.04.89 Devices

Unlimited Login Vulnerability on Teltonika RTU950 R_31.04.89 Devices

CVE-2018-19878 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:N/A:C

An issue was discovered on Teltonika RTU950 R_31.04.89 devices. The application allows a user to login without limitation. For every successful login request, the application saves a session. A user can re-login without logging out, causing the application to store the session in memory. Exploitation of this vulnerability will increase memory use and consume free space.

Learn more about our User Device Pen Test.