3 matches found
Lantronix PremierWave 2050 Multiple Vulnerabilities (CVE-2021-21872; CVE-2021-21873; CVE-2021-21874; CVE-2021-21875; CVE-2021-21881; CVE-2021-21882; CVE-2021-21883; CVE-2021-21884; CVE-2021-21888)
Multiple vulnerabilities exist in Lantronix PremierWave 2050. Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2021-21884
An OS command injection vulnerability exists in the Web Manager SslGenerateCSR functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2021-21884
CVE-2021-21884 affects Lantronix PremierWave 2050, specifically the Web Manager SslGenerateCSR feature. TALOS details a OS command-injection in the CSR generation flow: an authenticated user can submit crafted POST parameters (c, st, l, o, ou, cn, etc.) that are concatenated into a shell command ...