Lantronix PremierWave 2050 OS Command Injection Vulnerability (CNVD-2022-04974)

The Lantronix PremierWave 2050 is an embedded Wi-Fi module manufactured by Lantronix.The Web Manager FsTFtp feature of the Lantronix PremierWave 2050 8.9.0.0R4 is vulnerable to an operating system command injection vulnerability that could be exploited by an attacker with a specially crafted HTTP...

Lantronix PremierWave 2050 OS Command Injection Vulnerability (CNVD-2022-04975)

The Lantronix PremierWave 2050 is an embedded Wi-Fi module manufactured by Lantronix. The Lantronix PremierWave 2050 is vulnerable to an operating system command injection vulnerability that could be exploited by an attacker to cause arbitrary command execution in the "EC keypasswd" parameter wit...

Netgear RBR750和NETGEAR 命令注入漏洞

Netgear RBR750 and NETGEAR are both products of Netgear, Inc.RBR750 is a home WiFi system.NETGEAR is a router. A hardware device that connects two or more networks and acts as a gateway between networks. NETGEAR suffers from a command injection vulnerability that arises from a network system or...

Netgear RBR750和NETGEAR 命令注入漏洞

Netgear RBR750 and NETGEAR are both products of Netgear, Inc.RBR750 is a home WiFi system.NETGEAR is a router. A hardware device that connects two or more networks and acts as a gateway between networks. NETGEAR suffers from a command injection vulnerability that arises from a network system or...

Netgear RBR750和NETGEAR 命令注入漏洞

Netgear RBR750 and NETGEAR are both products of Netgear, Inc.RBR750 is a home WiFi system.NETGEAR is a router. A hardware device that connects two or more networks and acts as a gateway between networks. NETGEAR suffers from a command injection vulnerability that arises from a network system or...

Lantronix PremierWave 2050 OS Command Injection Vulnerability (CNVD-2022-04976)

The Lantronix PremierWave 2050 is an embedded enterprise Wi-Fi module from Lantronix, Inc. Used to provide reliable and always-on 5G Wi-Fi connectivity, the Lantronix PremierWave 2050 version 8.9.0.0R4 is vulnerable to an operating system command injection vulnerability that can be exploited by...

CVE-2021-43984

mySCADA myPRO: Versions 8.20.0 and prior has a feature where the firmware can be updated, which may allow an attacker to inject arbitrary operating system commands through a specific parameter...

CVE-2021-21882

An OS command injection vulnerability exists in the Web Manager FsUnmount functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVE-2021-21883

An OS command injection vulnerability exists in the Web Manager Diagnostics: Ping functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVE-2021-21882

An OS command injection vulnerability exists in the Web Manager FsUnmount functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVE-2021-21873

A specially-crafted HTTP request can lead to arbitrary command execution in RSA keypasswd parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVE-2021-21875

A specially-crafted HTTP request can lead to arbitrary command execution in EC keypasswd parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVE-2021-21877

Specially-crafted HTTP requests can lead to arbitrary command execution in “GET” requests. An attacker can make authenticated HTTP requests to trigger this vulnerability...

CVE-2021-21872

An OS command injection vulnerability exists in the Web Manager Diagnostics: Traceroute functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVE-2021-21874

A specially-crafted HTTP request can lead to arbitrary command execution in DSA keypasswd parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVE-2021-21877

Specially-crafted HTTP requests can lead to arbitrary command execution in “GET” requests. An attacker can make authenticated HTTP requests to trigger this vulnerability...

Command injection

An OS command injection vulnerability exists in the Web Manager Diagnostics: Ping functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

Command injection

An OS command injection vulnerability exists in the Web Manager SslGenerateCertificate functionality of Lantronix PremierWave 2050 8.9.0.0R4 in QEMU. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this...

Command injection

An OS command injection vulnerability exists in the Web Manager SslGenerateCSR functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

Design/Logic Flaw

Specially-crafted HTTP requests can lead to arbitrary command execution in PUT requests. An attacker can make authenticated HTTP requests to trigger this vulnerability...