5 matches found
CVE-2021-21875
A specially-crafted HTTP request can lead to arbitrary command execution in EC keypasswd parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability...
Lantronix PremierWave 2050 Multiple Vulnerabilities (CVE-2021-21872; CVE-2021-21873; CVE-2021-21874; CVE-2021-21875; CVE-2021-21881; CVE-2021-21882; CVE-2021-21883; CVE-2021-21884; CVE-2021-21888)
Multiple vulnerabilities exist in Lantronix PremierWave 2050. Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2021-21875
creationtimestamp| type| source ---|---|--- 2021-12-22 22:23:48+00:00| seen| https://t.me/cibsecurity/34544...
CVE-2021-21875
Lantronix PremierWave 2050 has OS command injection vulnerabilities in its Web Manager SSL Credential Upload feature. CVE-2021-21875 specifically allows authenticated attackers to inject commands via the EC keypasswd parameter, leading to arbitrary code execution with root privileges. The confirm...
Lantronix PremierWave 2050 Web Manager SSL Credential Upload OS command injection vulnerabilities
Summary Multiple OS command injection vulnerabilities exist in the Web Manager SSL Credential Upload functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these...