EUVD-2021-9045

Malicious code in bioql PyPI...

CVE-2021-21873

A specially-crafted HTTP request can lead to arbitrary command execution in RSA keypasswd parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVE-2021-21875

Lantronix PremierWave 2050 has OS command injection vulnerabilities in its Web Manager SSL Credential Upload feature. CVE-2021-21875 specifically allows authenticated attackers to inject commands via the EC keypasswd parameter, leading to arbitrary code execution with root privileges. The confirm...

CVE-2021-21875

A specially-crafted HTTP request can lead to arbitrary command execution in EC keypasswd parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVE-2021-21873

CVE-2021-21873 affects Lantronix PremierWave 2050 Web Manager, where an authenticated HTTP request to the SSL credential upload endpoint can inject commands via the RSA keypasswd parameter. Talos details show multiple OS command injection vulnerabilities in the Web Manager’s SSL/Credentials page,...

PT-2021-14808 · Lantronix · Premierwave 2050 Firmware

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: A specially-crafted HTTP request can lead to arbitrary command execution in the keypasswd parameter. An attacker can make an authenticated HTTP request to trigger this issue. The...

Lantronix PremierWave 2050 操作系统命令注入漏洞

The Lantronix PremierWave 2050 is an embedded Wi-Fi module manufactured by Lantronix. The Lantronix PremierWave 2050 is vulnerable to an operating system command injection vulnerability that could be exploited by an attacker to cause arbitrary command execution in the "EC keypasswd" parameter wit...