2 matches found
CVE-2021-21895
Summary: CVE-2021-21895 is a directory traversal vulnerability in the Web Manager FsTFtp feature of Lantronix PremierWave 2050 (version 8.9.0.0R4, in QEMU). The flaw arises from insufficient input validation in the FsTFtp Web Manager when handling the cwd parameter, enabling an authenticated user...
Lantronix PremierWave 2050 Web Manager FsTFtp directory traversal vulnerability
Summary A directory traversal vulnerability exists in the Web Manager FsTFtp functionality of Lantronix PremierWave 2050 8.9.0.0R4 in QEMU. A specially crafted HTTP request can lead to arbitrary file overwrite and arbitrary file disclosure. An attacker can make an authenticated HTTP request to...