Lantronix PremierWave 2050 OS Command Injection Vulnerability (CNVD-2022-01599)

The Lantronix PremierWave 2050 is an embedded enterprise Wi-Fi module from Lantronix, Inc. The Lantronix PremierWave 2050 in version 8.9.0.0R4 contains a security vulnerability that originates when the Web Manager wireless network scanner feature fails to properly filter special characters, commands, etc. An authenticated attacker could use this vulnerability to potentially cause arbitrary command execution via a specially crafted HTTP request.