14 matches found
EUVD-2014-8830
Malware in sbrugna...
EUVD-2014-8831
Malware in sbrugna...
EUVD-2016-5325
Malware in sbrugna...
Lantronix xPrintServer Privilege Gain Vulnerability
Lantronix xPrintServer is a print server from Lantronix Network Technologies USA. A security vulnerability exists in the Lantronix xPrintServer using firmware versions prior to 5.0.1-65 that stems from the program's use of hard-coded certificates. A remote attacker could exploit the vulnerability...
CVE-2016-4325
Lantronix xPrintServer devices with firmware before 5.0.1-65 have hardcoded credentials, which allows remote attackers to obtain root access via unspecified vectors...
CVE-2016-4325
Lantronix xPrintServer devices with firmware before 5.0.1-65 are affected by a hard-coded credentials issue that could allow an unauthenticated remote attacker to obtain root access. The vulnerability is tied to the device’s firmware prior to 5.0.1-65, and upgrading to 5.0.1-65 (which Lantronix s...
Lantronix xPrintServer contains multiple vulnerabilities
Overview The Lantronix xPrintServer and its accompanying cloud storage API contains several vulnerabilities. Description CWE-77: Improper Neutralization of Special Elements used in a Command 'Command Injection' - CVE-2014-9002An unauthenticated attacker can include a shell command inside the 'c'...
CVE-2014-9003
Cross-site request forgery CSRF vulnerability in Lantronix xPrintServer allows remote attackers to hijack the authentication of administrators for requests that modify configuration, as demonstrated by executing arbitrary commands using the c parameter in the rpc action...
CVE-2014-9002
Lantronix xPrintServer does not properly restrict access to ips/, which allows remote attackers to execute arbitrary commands via the c parameter in an rpc action...
Deserialization of untrusted data
Lantronix xPrintServer does not properly restrict access to ips/, which allows remote attackers to execute arbitrary commands via the c parameter in an rpc action...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in Lantronix xPrintServer allows remote attackers to hijack the authentication of administrators for requests that modify configuration, as demonstrated by executing arbitrary commands using the c parameter in the rpc action...
CVE-2014-9002
Lantronix xPrintServer does not properly restrict access to ips/, which allows remote attackers to execute arbitrary commands via the c parameter in an rpc action...
CVE-2014-9003
Cross-site request forgery CSRF vulnerability in Lantronix xPrintServer allows remote attackers to hijack the authentication of administrators for requests that modify configuration, as demonstrated by executing arbitrary commands using the c parameter in the rpc action...
Lantronix xPrintServer Remote Command Execution / CSRF
Hi, The Lantronix xPrintServer is a small Linux powered print server for iOS. Main configuration happens through a web interface. The problem is that the configuration happens through some RPC interface; the web interfaces uses AJAX requests to talk to a CGI script that simply executes shell...