Lucene search
K

6 matches found

OSV
OSV
added 2022/10/24 2:15 p.m.6 views

CVE-2021-44776

A broken access control vulnerability in the SubNethandlerfunc function of spxrestservice allows an attacker to arbitrarily change the security access rights to KVM and Virtual Media functionalities. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

5.3CVSS5.8AI score0.00443EPSS
Exploits0References2
OSV
OSV
added 2022/10/24 2:15 p.m.7 views

CVE-2021-26727

Multiple command injections and stack-based buffer overflows vulnerabilities in the SubNethandlerfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10...

9.8CVSS6.4AI score0.02285EPSS
Exploits0References2
OSV
OSV
added 2022/10/24 2:15 p.m.6 views

CVE-2021-26729

Command injection and multiple stack-based buffer overflows vulnerabilities in the Loginhandlerfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

9.8CVSS6.4AI score0.02285EPSS
Exploits0References2
OSV
OSV
added 2022/10/24 2:15 p.m.7 views

CVE-2021-26733

A broken access control vulnerability in the FirstResethandlerfunc function of spxrestservice allows an attacker to arbitrarily send reboot commands to the BMC, causing a Denial-of-Service DoS condition. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

7.5CVSS5.8AI score0.00652EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/10/24 12:0 a.m.8 views

CVE-2021-26729 spx_restservice Login_handler_func Command Injection and Multiple Stack-Based Buffer Overflows

Command injection and multiple stack-based buffer overflows vulnerabilities in the Loginhandlerfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

10CVSS10AI score0.02285EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/10/24 12:0 a.m.4 views

PT-2022-9790 · Lanner · Iac-Ast2500A

Name of the Vulnerable Software and Affected Versions: Lanner Inc IAC-AST2500A standard firmware version 1.10.0 Description: Command injection and stack-based buffer overflow vulnerabilities in the KillDupUsr func function of spx restservice allow an attacker to execute arbitrary code with the sa...

10CVSS10AI score0.02285EPSS
Exploits0References5
Rows per page
Query Builder