Vulnerabilities > Lannerinc > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-24 | CVE-2021-26727 | Out-of-bounds Write vulnerability in Lannerinc Iac-Ast2500A Firmware 1.10.0 Multiple command injections and stack-based buffer overflows vulnerabilities in the SubNet_handler_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user (root). | 9.8 |
| 2022-10-24 | CVE-2021-26728 | Out-of-bounds Write vulnerability in Lannerinc Iac-Ast2500A Firmware 1.10.0 Command injection and stack-based buffer overflow vulnerabilities in the KillDupUsr_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user (root). | 9.8 |
| 2022-10-24 | CVE-2021-26729 | Out-of-bounds Write vulnerability in Lannerinc Iac-Ast2500A Firmware 1.10.0 Command injection and multiple stack-based buffer overflows vulnerabilities in the Login_handler_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user (root). | 9.8 |
| 2022-10-24 | CVE-2021-26730 | Out-of-bounds Write vulnerability in Lannerinc Iac-Ast2500A Firmware 1.10.0 A stack-based buffer overflow vulnerability in a subfunction of the Login_handler_func function of spx_restservice allows an attacker to execute arbitrary code with the same privileges as the server user (root). | 9.8 |
| 2022-10-24 | CVE-2021-26731 | Out-of-bounds Write vulnerability in Lannerinc Iac-Ast2500A Firmware 1.10.0 Command injection and multiple stack-based buffer overflows vulnerabilities in the modifyUserb_func function of spx_restservice allow an authenticated attacker to execute arbitrary code with the same privileges as the server user (root). | 9.8 |