Total
23 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-21892 | 1 Lantronix | 2 Premierwave 2050, Premierwave 2050 Firmware | 2022-04-28 | 6.5 MEDIUM | 9.9 CRITICAL |
| A stack-based buffer overflow vulnerability exists in the Web Manager FsUnmount functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2021-21888 | 1 Lantronix | 2 Premierwave 2050, Premierwave 2050 Firmware | 2022-04-28 | 9.0 HIGH | 9.1 CRITICAL |
| An OS command injection vulnerability exists in the Web Manager SslGenerateCertificate functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2021-21887 | 1 Lantronix | 2 Premierwave 2050, Premierwave 2050 Firmware | 2022-04-28 | 6.5 MEDIUM | 9.1 CRITICAL |
| A stack-based buffer overflow vulnerability exists in the Web Manager SslGenerateCSR functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||