4 matches found
Lantronix PremierWave 2050 Multiple Vulnerabilities (CVE-2021-21872; CVE-2021-21873; CVE-2021-21874; CVE-2021-21875; CVE-2021-21881; CVE-2021-21882; CVE-2021-21883; CVE-2021-21884; CVE-2021-21888)
Multiple vulnerabilities exist in Lantronix PremierWave 2050. Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2021-21873
A specially-crafted HTTP request can lead to arbitrary command execution in RSA keypasswd parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2021-21873
CVE-2021-21873 affects Lantronix PremierWave 2050 Web Manager, where an authenticated HTTP request to the SSL credential upload endpoint can inject commands via the RSA keypasswd parameter. Talos details show multiple OS command injection vulnerabilities in the Web Manager’s SSL/Credentials page,...
Lantronix PremierWave 2050 Web Manager SSL Credential Upload OS command injection vulnerabilities
Summary Multiple OS command injection vulnerabilities exist in the Web Manager SSL Credential Upload functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these...