118 matches found
CVE-2021-44776
CVE-2021-44776 describes a broken access control in the SubNet_handler_func of spx_restservice, affecting Lanner Inc IAC-AST2500A standard firmware version 1.10.0. The vulnerability enables an attacker to arbitrarily change security access rights to KVM and Virtual Media functions. Sources consis...
PT-2022-12125 · Lanner · Iac-Ast2500A
Name of the Vulnerable Software and Affected Versions: Lanner Inc IAC-AST2500A standard firmware version 1.10.0 Description: A broken access control vulnerability in the KillDupUsr func function of spx restservice allows an attacker to arbitrarily terminate active sessions of other users, causing...
CVE-2021-44769 TLS Certificate Generation Function Improper Input Validation
An improper input validation vulnerability in the TLS certificate generation function allows an attacker to cause a Denial-of-Service DoS condition which can only be reverted via a factory reset. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
Lanner IAC-AST2500A 输入验证错误漏洞
The Lanner IAC-AST2500A is a module and accelerator card from Lanner. It is suitable for Lanner network devices to support remote management and monitoring of system operation based on the IPMI standard. An input validation error vulnerability exists in the Lanner IAC-AST2500A standard firmware...
CVE-2021-46279 Session Fixation and Insufficient Session Expiration
Session fixation and insufficient session expiration vulnerabilities allow an attacker to perfom session hijacking attacks against users. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
Lanner IAC-AST2500A 授权问题漏洞
The Lanner IAC-AST2500A is a module and accelerator card from Lanner. It is suitable for Lanner network devices to support remote management and monitoring of system operation based on the IPMI standard. An authorization issue vulnerability exists in the Lanner IAC-AST2500A standard firmware...
CVE-2021-26730 spx_restservice Login_handler_func Subfunction Stack-Based Buffer Overflow
A stack-based buffer overflow vulnerability in a subfunction of the Loginhandlerfunc function of spxrestservice allows an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
CVE-2021-44769 TLS Certificate Generation Function Improper Input Validation
An improper input validation vulnerability in the TLS certificate generation function allows an attacker to cause a Denial-of-Service DoS condition which can only be reverted via a factory reset. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
CVE-2021-26731 spx_restservice modifyUserb_func Command Injection and Multiple Stack-Based Buffer Overflows
Command injection and multiple stack-based buffer overflows vulnerabilities in the modifyUserbfunc function of spxrestservice allow an authenticated attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware...
CVE-2021-26727 spx_restservice SubNet_handler_func Multiple Command Injections and Stack-Based Buffer Overflows
Multiple command injections and stack-based buffer overflows vulnerabilities in the SubNethandlerfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10...
PT-2022-11583 · Lanner · Iac-Ast2500A
Name of the Vulnerable Software and Affected Versions: Lanner Inc IAC-AST2500A standard firmware version 1.00.0 Description: The issue allows an attacker to perform Man-in-the-Middle MitM attacks, even when an HTTPS connection is present, due to the use of a hard-coded TLS certificate by default...
CVE-2021-44769
CVE-2021-44769 describes an improper input validation vulnerability in the TLS certificate generation function of Lanner IAC-AST2500A standard firmware 1.10.0 . The root cause is input validation flaws in the TLS certificate generation feature, which can trigger a denial-of-service condition. The...
CVE-2021-26733
CVE-2021-26733 affects Lanner Inc IAC-AST2500A standard firmware version 1.10.0, via a broken access control in spx_restservice’s FirstReset_handler_func that allows an attacker to arbitrarily send reboot commands to the BMC, causing a DoS. No exploit details are provided in the core documents. A...
CVE-2021-26731
CVE-2021-26731 affects Lanner Inc IAC-AST2500A standard firmware 1.10.0. Vulnerabilities in spx_restservice.modifyUserb_func enable command injection and multiple stack-based/heap buffer overflows, allowing an authenticated attacker to execute arbitrary code with the server user’s (root) privileg...
CVE-2021-26728
CVE-2021-26728 affects Lanner IAC-AST2500A standard firmware 1.10.0. The issue resides in KillDupUsr_func within spx_restservice, enabling command injection and stack-based (and heap-based per CNNVD) buffering flaws that could allow an attacker to execute arbitrary code with root privileges on th...
CVE-2021-44467
CVE-2021-44467 affects Lanner IAC-AST2500A standard firmware 1.10.0 and involves a broken access control in spx_restservice KillDupUsr_func that can terminate other users’ active sessions, enabling DoS. Some sources note it could be chained with CVE-2021-26728 to enable remote code execution with...
CVE-2021-26727
CVE-2021-26727 affects Lanner Inc IAC-AST2500A standard firmware (version 1.10.0). The vulnerabilities are in the spx_restservice SubNet_handler_func, enabling multiple command injections and stack/heap-based buffer overflows that can permit remote code execution with root privileges over the net...
CVE-2021-4228
CVE-2021-4228 affects Lanner Inc IAC-AST2500A standard firmware version 1.00.0. The root cause is the default use of a hard-coded TLS certificate, enabling MITM attacks even over HTTPS. Documents consistently describe this issue for the IAC-AST2500A firmware and reference updated firmware to addr...
CVE-2021-45925
CVE-2021-45925 affects Lanner Inc IAC-AST2500A standard firmware v1.10.0. Multiple connected sources confirm a vulnerability in the login process that allows observable discrepancies enabling an attacker to enumerate/guess legitimate BMC usernames. The root cause is described as a login process d...
CVE-2021-46279
CVE-2021-46279 affects Lanner Inc IAC-AST2500A firmware 1.10.0. Reported vulnerabilities are session fixation and insufficient session expiration that enable session hijacking. Public details note the issue is tied to Lanner IAC-AST2500A and propose mitigation such as disabling the session manage...