20 matches found
EUVD-2014-8830
Malware in sbrugna...
EUVD-2014-8831
Malware in sbrugna...
EUVD-2016-5325
Malware in sbrugna...
Lantronix xPrintServer Privilege Gain Vulnerability
Lantronix xPrintServer is a print server from Lantronix Network Technologies USA. A security vulnerability exists in the Lantronix xPrintServer using firmware versions prior to 5.0.1-65 that stems from the program's use of hard-coded certificates. A remote attacker could exploit the vulnerability...
CVE-2016-4325
Lantronix xPrintServer devices with firmware before 5.0.1-65 have hardcoded credentials, which allows remote attackers to obtain root access via unspecified vectors...
CVE-2016-4325
Lantronix xPrintServer devices with firmware before 5.0.1-65 have hardcoded credentials, which allows remote attackers to obtain root access via unspecified vectors...
Hardcoded credentials
Lantronix xPrintServer devices with firmware before 5.0.1-65 have hardcoded credentials, which allows remote attackers to obtain root access via unspecified vectors...
CVE-2016-4325
Lantronix xPrintServer devices with firmware before 5.0.1-65 are affected by a hard-coded credentials issue that could allow an unauthenticated remote attacker to obtain root access. The vulnerability is tied to the device’s firmware prior to 5.0.1-65, and upgrading to 5.0.1-65 (which Lantronix s...
CVE-2016-4325
Lantronix xPrintServer devices with firmware before 5.0.1-65 have hardcoded credentials, which allows remote attackers to obtain root access via unspecified vectors...
Lantronix xPrintServer contains multiple vulnerabilities
Overview The Lantronix xPrintServer and its accompanying cloud storage API contains several vulnerabilities. Description CWE-77: Improper Neutralization of Special Elements used in a Command 'Command Injection' - CVE-2014-9002An unauthenticated attacker can include a shell command inside the 'c'...
CVE-2014-9003
Cross-site request forgery CSRF vulnerability in Lantronix xPrintServer allows remote attackers to hijack the authentication of administrators for requests that modify configuration, as demonstrated by executing arbitrary commands using the c parameter in the rpc action...
CVE-2014-9002
Lantronix xPrintServer does not properly restrict access to ips/, which allows remote attackers to execute arbitrary commands via the c parameter in an rpc action...
Deserialization of untrusted data
Lantronix xPrintServer does not properly restrict access to ips/, which allows remote attackers to execute arbitrary commands via the c parameter in an rpc action...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in Lantronix xPrintServer allows remote attackers to hijack the authentication of administrators for requests that modify configuration, as demonstrated by executing arbitrary commands using the c parameter in the rpc action...
CVE-2014-9002
Lantronix xPrintServer does not properly restrict access to ips/, which allows remote attackers to execute arbitrary commands via the c parameter in an rpc action...
CVE-2014-9003
Lantronix xPrintServer is affected by CSRF (CVE-2014-9003). A remote attacker can hijack an administrator’s session to modify configuration via the rpc action using the c parameter. This is described in multiple sources (NVD/CERT references) and is listed as addressed by firmware version 3.3.0. I...
CVE-2014-9003
Cross-site request forgery CSRF vulnerability in Lantronix xPrintServer allows remote attackers to hijack the authentication of administrators for requests that modify configuration, as demonstrated by executing arbitrary commands using the c parameter in the rpc action...
CVE-2014-9002
CVE-2014-9002 (Lantronix xPrintServer) : The device does not properly restrict access to the ips/ path, enabling an unauthenticated user to execute arbitrary commands via the c parameter in an rpc action (command injection). CERT/Intel sources indicate the issue’s fix was addressed by Lantronix i...
Lantronix xPrintServer Remote Command Execution / CSRF Vulnerabilities
Lantronix xPrintServer suffers from remote command execution and cross site request forgery vulnerabilities. Hi, The Lantronix xPrintServer is a small Linux powered print server for iOS. Main configuration happens through a web interface. The problem is that the configuration happens through some...
Lantronix xPrintServer Remote Command Execution / CSRF
Hi, The Lantronix xPrintServer is a small Linux powered print server for iOS. Main configuration happens through a web interface. The problem is that the configuration happens through some RPC interface; the web interfaces uses AJAX requests to talk to a CGI script that simply executes shell...