6 matches found
CVE-2021-21888
An OS command injection vulnerability exists in the Web Manager SslGenerateCertificate functionality of Lantronix PremierWave 2050 8.9.0.0R4 in QEMU. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this...
CVE-2021-21888
An OS command injection vulnerability exists in the Web Manager SslGenerateCertificate functionality of Lantronix PremierWave 2050 8.9.0.0R4 in QEMU. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this...
Command injection
An OS command injection vulnerability exists in the Web Manager SslGenerateCertificate functionality of Lantronix PremierWave 2050 8.9.0.0R4 in QEMU. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this...
CVE-2021-21888
An OS command injection vulnerability exists in the Web Manager SslGenerateCertificate functionality of Lantronix PremierWave 2050 8.9.0.0R4 in QEMU. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this...
CVE-2021-21888
The CVE-2021-21888 issue affects Lantronix PremierWave 2050 Web Manager SslGenerateCertificate. TALOS details show the Web Manager builds an OpenSSL-related certificate generation command by concatenating user-supplied HTTP POST fields (e.g., c, st, l, o, ou, cn, expires) into a command string ex...
Lantronix PremierWave 2050 Web Manager SslGenerateCertificate OS command injection vulnerability
Talos Vulnerability Report TALOS-2021-1332 Lantronix PremierWave 2050 Web Manager SslGenerateCertificate OS command injection vulnerability November 15, 2021 CVE Number CVE-2021-21888 Summary An OS command injection vulnerability exists in the Web Manager SslGenerateCertificate functionality of...