Browse all 4 CVE security advisories affecting Telstra. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Telstra operates as a telecommunications provider offering internet, mobile, and fixed-line services to Australian consumers and businesses. Historically, the organization has faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often affecting web portals and customer-facing systems. While no major public security incidents have been widely documented, the company maintains a moderate CVE count, indicating typical exposure for large-scale telecom infrastructure. Security efforts focus on protecting customer data and maintaining service availability across its extensive network, with regular vulnerability management to address emerging threats in its digital services and communication platforms.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-54992 | OpenKilda XXE in SAML configuration — open-kildaCWE-611 | 7.5AI | HighAI | 2025-08-11 |
| CVE-2025-0697 | Telstra Smart Modem Gen 2 HTTP Header injection — Smart Modem Gen 2CWE-74 | 5.3 | Medium | 2025-01-24 |
| CVE-2023-43478 | Unauthenticated configuration restore and firmware update — Smart Modem Gen 2 (Arcadyan LH1000) | 8.8 | High | 2023-09-20 |
| CVE-2023-43477 | Post-Auth Command Injection in Telstra Smart Modem Gen 2 (Arcadyan LH1000) — Smart Modem Gen 2 (Arcadyan LH1000)CWE-77 | 6.8 | Medium | 2023-09-20 |
This page lists every published CVE security advisory associated with Telstra. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.