- Description
- In Teltonika Networks Remote Management System (RMS), it is possible to perform account pre-hijacking by misusing the invite functionality. If a victim has a pending invite and registers to the platform directly, they are added to the attackers company without their knowledge. The victims account and their company can then be managed by the attacker.This issue affects RMS: before 5.7.
- Source
- 001d69cf-3fc9-4203-93fb-9865b54e05b2
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 7.2
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:L/VI:L/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-288
- Hype score
- Not currently trending
π¨ CVE-2025-4687 π΄ HIGH (7.2) π’ Teltonika Networks - RMS ποΈ 0 π https://t.co/z3Kc2q8yrR #CyberCron #VulnAlert #InfoSec https://t.co/YPgOXaiUjX
@cybercronai
30 May 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
π¨ High-severity flaw in Teltonika RMS (CVE-2025-4687): Attackers can hijack accounts via invite misuse. Update before v5.7 now! Details: https://t.co/isk5ukWeGv #OffSeq #Cybersecurity #CVE20254687 https://t.co/gPnuAq8m67
@offseq
29 May 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-4687 Account Pre-Hijacking Vulnerability in Teltonika Networks Remote M... https://t.co/NmbuRbcCeM Vulnerability Alert Subscriptions: https://t.co/hrQhy5uz4x
@VulmonFeeds
29 May 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-4687 In Teltonika Networks Remote Management System (RMS), it is possible to perform account pre-hijacking by misusing the invite functionality. If a victim has a pending in⦠https://t.co/aijWr2XAVD
@CVEnew
29 May 2025
377 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes