Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Lantronix Subscribe

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-21882 1 Lantronix 2 Premierwave 2050, Premierwave 2050 Firmware 2022-04-28 9.0 HIGH 8.8 HIGH
An OS command injection vulnerability exists in the Web Manager FsUnmount functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
CVE-2021-21880 1 Lantronix 2 Premierwave 2050, Premierwave 2050 Firmware 2022-04-28 6.5 MEDIUM 7.2 HIGH
A directory traversal vulnerability exists in the Web Manager FsCopyFile functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to local file inclusion. An attacker can make an authenticated HTTP request to trigger this vulnerability.
CVE-2021-21885 1 Lantronix 2 Premierwave 2050, Premierwave 2050 Firmware 2022-04-28 6.5 MEDIUM 7.2 HIGH
A directory traversal vulnerability exists in the Web Manager FsMove functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially crafted HTTP request can lead to local file inclusion. An attacker can make an authenticated HTTP request to trigger this vulnerability.
CVE-2021-21879 1 Lantronix 1 Premierwave 2050 2022-04-28 9.0 HIGH 8.8 HIGH
A directory traversal vulnerability exists in the Web Manager File Upload functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary file overwrite. An attacker can make an authenticated HTTP request to trigger this vulnerability.
CVE-2021-21895 1 Lantronix 2 Premierwave 2050, Premierwave 2050 Firmware 2022-04-28 6.5 MEDIUM 7.2 HIGH
A directory traversal vulnerability exists in the Web Manager FsTFtp functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to FsTFtp file overwrite. An attacker can make an authenticated HTTP request to trigger this vulnerability.