CVE-2024-36829 – This vulnerability in Teldat M1 routers allows ... (How to Fix)

Q: What is the severity of CVE-2024-36829?

CVE-2024-36829 has a CVSS score of 7.5 (HIGH). This vulnerability in Teldat M1 routers allows attackers to bypass access controls and retrieve sensitive information by manipulating query strings. It affects organizations using Teldat M1 routers with vulnerable firmware. Attackers can exploit this without authentication to access confidential data.

📋 TL;DR

This vulnerability in Teldat M1 routers allows attackers to bypass access controls and retrieve sensitive information by manipulating query strings. It affects organizations using Teldat M1 routers with vulnerable firmware. Attackers can exploit this without authentication to access confidential data.

💻 Affected Systems

Products:

Teldat M1 Router

Versions: v11.00.05.50.01

Operating Systems: Embedded router OS

Default Config Vulnerable: ⚠️ Yes

Notes: All systems running the specified firmware version are vulnerable by default.

📦 What is this software?

M1 Firmware by Teldat

View all CVEs affecting M1 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of router configuration, credentials, and network information leading to full network access and data exfiltration.

🟠

Likely Case

Unauthorized access to sensitive router configuration data, potentially exposing network topology and credentials.

🟢

If Mitigated

Limited information disclosure if proper network segmentation and access controls are implemented.

🌐 Internet-Facing: HIGH - The vulnerability can be exploited remotely without authentication via crafted HTTP requests.

🏢 Internal Only: MEDIUM - Internal attackers could exploit this, but external exposure poses greater risk.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Proof of concept available in GitHub gist showing simple HTTP request exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Unknown

Restart Required: No

Instructions:

Check Teldat vendor website for security updates. No official patch information available at this time.

🔧 Temporary Workarounds

Network Access Restriction

linux

Restrict access to Teldat M1 management interface to trusted IP addresses only.

iptables -A INPUT -p tcp --dport 80 -s TRUSTED_IP -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j DROP

Disable Web Interface

all

Disable HTTP management interface if not required, use CLI or secure alternatives.

telnet/SSH to router: disable http server

🧯 If You Can't Patch

Implement strict network segmentation to isolate Teldat M1 routers from untrusted networks
Enable comprehensive logging and monitoring for suspicious HTTP requests to the management interface

🔍 How to Verify

Check if Vulnerable:

Check firmware version via web interface or CLI. Test with crafted query string to sensitive endpoints.

Check Version:

Check web interface or use CLI command: show version

Verify Fix Applied:

Verify firmware version is updated beyond v11.00.05.50.01. Test exploitation attempts fail.

📡 Detection & Monitoring

Log Indicators:

Unusual HTTP requests with crafted query strings
Access to sensitive endpoints from unauthorized sources

Network Indicators:

HTTP requests with unusual query parameters to router management IP
Traffic patterns indicating information gathering

SIEM Query:

source_ip=ROUTER_IP AND (http_uri CONTAINS "sensitive" OR http_query CONTAINS unusual_patterns)

📊 Metadata

CVE ID: CVE-2024-36829

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-200

Published: June 26, 2024

Last Updated: October 20, 2025

🔗 References

https://gist.github.com/MILPDS/96843ccf7369ec1da643b7d6e22d428d Third Party Advisory
https://gist.github.com/MILPDS/96843ccf7369ec1da643b7d6e22d428d Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-36829, you might also want to check these: