20 matches found
EUVD-2014-8830
Malware in sbrugna...
EUVD-2014-8831
Malware in sbrugna...
EUVD-2016-5325
Malware in sbrugna...
Lantronix xPrintServer Privilege Gain Vulnerability
Lantronix xPrintServer is a print server from Lantronix Network Technologies USA. A security vulnerability exists in the Lantronix xPrintServer using firmware versions prior to 5.0.1-65 that stems from the program's use of hard-coded certificates. A remote attacker could exploit the vulnerability...
CVE-2016-4325
Lantronix xPrintServer devices with firmware before 5.0.1-65 have hardcoded credentials, which allows remote attackers to obtain root access via unspecified vectors...
CVE-2016-4325
Lantronix xPrintServer devices with firmware before 5.0.1-65 have hardcoded credentials, which allows remote attackers to obtain root access via unspecified vectors...
Hardcoded credentials
Lantronix xPrintServer devices with firmware before 5.0.1-65 have hardcoded credentials, which allows remote attackers to obtain root access via unspecified vectors...
CVE-2016-4325
Lantronix xPrintServer devices with firmware before 5.0.1-65 have hardcoded credentials, which allows remote attackers to obtain root access via unspecified vectors...
CVE-2016-4325
Lantronix xPrintServer devices with firmware before 5.0.1-65 are affected by a hard-coded credentials issue that could allow an unauthenticated remote attacker to obtain root access. The vulnerability is tied to the device’s firmware prior to 5.0.1-65, and upgrading to 5.0.1-65 (which Lantronix s...
Lantronix xPrintServer contains multiple vulnerabilities
Overview The Lantronix xPrintServer and its accompanying cloud storage API contains several vulnerabilities. Description CWE-77: Improper Neutralization of Special Elements used in a Command 'Command Injection' - CVE-2014-9002An unauthenticated attacker can include a shell command inside the 'c'...
CVE-2014-9003
Cross-site request forgery CSRF vulnerability in Lantronix xPrintServer allows remote attackers to hijack the authentication of administrators for requests that modify configuration, as demonstrated by executing arbitrary commands using the c parameter in the rpc action...
CVE-2014-9002
Lantronix xPrintServer does not properly restrict access to ips/, which allows remote attackers to execute arbitrary commands via the c parameter in an rpc action...
Deserialization of untrusted data
Lantronix xPrintServer does not properly restrict access to ips/, which allows remote attackers to execute arbitrary commands via the c parameter in an rpc action...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in Lantronix xPrintServer allows remote attackers to hijack the authentication of administrators for requests that modify configuration, as demonstrated by executing arbitrary commands using the c parameter in the rpc action...
CVE-2014-9002
Lantronix xPrintServer does not properly restrict access to ips/, which allows remote attackers to execute arbitrary commands via the c parameter in an rpc action...
CVE-2014-9003
Cross-site request forgery CSRF vulnerability in Lantronix xPrintServer allows remote attackers to hijack the authentication of administrators for requests that modify configuration, as demonstrated by executing arbitrary commands using the c parameter in the rpc action...
CVE-2014-9003
Lantronix xPrintServer is affected by CSRF (CVE-2014-9003). A remote attacker can hijack an administrator’s session to modify configuration via the rpc action using the c parameter. This is described in multiple sources (NVD/CERT references) and is listed as addressed by firmware version 3.3.0. I...
CVE-2014-9002
CVE-2014-9002 (Lantronix xPrintServer) : The device does not properly restrict access to the ips/ path, enabling an unauthenticated user to execute arbitrary commands via the c parameter in an rpc action (command injection). CERT/Intel sources indicate the issue’s fix was addressed by Lantronix i...
Lantronix xPrintServer Remote Command Execution / CSRF Vulnerabilities
Lantronix xPrintServer suffers from remote command execution and cross site request forgery vulnerabilities. Hi, The Lantronix xPrintServer is a small Linux powered print server for iOS. Main configuration happens through a web interface. The problem is that the configuration happens through some...
Lantronix xPrintServer Remote Command Execution / CSRF
Hi, The Lantronix xPrintServer is a small Linux powered print server for iOS. Main configuration happens through a web interface. The problem is that the configuration happens through some RPC interface; the web interfaces uses AJAX requests to talk to a CGI script that simply executes shell...