mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-30 09:09:31 +02:00
0xMarcio
922 B
922 B
CVE-2025-4687
Description
In Teltonika Networks Remote Management System (RMS), it is possible to perform account pre-hijacking by misusing the invite functionality. If a victim has a pending invite and registers to the platform directly, they are added to the attackers company without their knowledge. The victims account and their company can then be managed by the attacker.This issue affects RMS: before 5.7.
POC
Reference
Github
No PoCs found on GitHub currently.