Vulnerabilities (CVE)

Filtered by vendor Lantronix Subscribe

Filtered by product Premierwave 2050 Firmware

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 4 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-21882	1 Lantronix	2 Premierwave 2050, Premierwave 2050 Firmware	2022-04-28	9.0 HIGH	8.8 HIGH
An OS command injection vulnerability exists in the Web Manager FsUnmount functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
CVE-2021-21880	1 Lantronix	2 Premierwave 2050, Premierwave 2050 Firmware	2022-04-28	6.5 MEDIUM	7.2 HIGH
A directory traversal vulnerability exists in the Web Manager FsCopyFile functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to local file inclusion. An attacker can make an authenticated HTTP request to trigger this vulnerability.
CVE-2021-21885	1 Lantronix	2 Premierwave 2050, Premierwave 2050 Firmware	2022-04-28	6.5 MEDIUM	7.2 HIGH
A directory traversal vulnerability exists in the Web Manager FsMove functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially crafted HTTP request can lead to local file inclusion. An attacker can make an authenticated HTTP request to trigger this vulnerability.
CVE-2021-21895	1 Lantronix	2 Premierwave 2050, Premierwave 2050 Firmware	2022-04-28	6.5 MEDIUM	7.2 HIGH
A directory traversal vulnerability exists in the Web Manager FsTFtp functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to FsTFtp file overwrite. An attacker can make an authenticated HTTP request to trigger this vulnerability.