Vulnerabilities > Lantronix

DATE CVE VULNERABILITY TITLE RISK
2024-01-23 CVE-2023-7237 Inadequate Encryption Strength vulnerability in Lantronix Xport Edge Firmware 2.0.0.13
Lantronix XPort sends weakly encoded credentials within web request headers.
network
low complexity
lantronix CWE-326
7.5
2021-12-22 CVE-2021-21872 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
An OS command injection vulnerability exists in the Web Manager Diagnostics: Traceroute functionality of Lantronix PremierWave 2050 8.9.0.0R4.
network
low complexity
lantronix CWE-78
critical
9.9
2021-12-22 CVE-2021-21873 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A specially-crafted HTTP request can lead to arbitrary command execution in RSA keypasswd parameter.
network
low complexity
lantronix CWE-78
critical
9.1
2021-12-22 CVE-2021-21874 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A specially-crafted HTTP request can lead to arbitrary command execution in DSA keypasswd parameter.
network
low complexity
lantronix CWE-78
critical
9.1
2021-12-22 CVE-2021-21875 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A specially-crafted HTTP request can lead to arbitrary command execution in EC keypasswd parameter.
network
low complexity
lantronix CWE-78
critical
9.1
2021-12-22 CVE-2021-21876 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
Specially-crafted HTTP requests can lead to arbitrary command execution in PUT requests.
network
low complexity
lantronix CWE-78
critical
9.1
2021-12-22 CVE-2021-21877 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
Specially-crafted HTTP requests can lead to arbitrary command execution in “GET” requests.
network
low complexity
lantronix CWE-78
critical
9.1
2021-12-22 CVE-2021-21878 Exposure of Resource to Wrong Sphere vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A local file inclusion vulnerability exists in the Web Manager Applications and FsBrowse functionality of Lantronix PremierWave 2050 8.9.0.0R4.
network
low complexity
lantronix CWE-668
6.8
2021-12-22 CVE-2021-21879 Path Traversal vulnerability in Lantronix Premierwave 2050 8.9.0.0
A directory traversal vulnerability exists in the Web Manager File Upload functionality of Lantronix PremierWave 2050 8.9.0.0R4.
network
low complexity
lantronix CWE-22
critical
9.0
2021-12-22 CVE-2021-21880 Path Traversal vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A directory traversal vulnerability exists in the Web Manager FsCopyFile functionality of Lantronix PremierWave 2050 8.9.0.0R4.
network
low complexity
lantronix CWE-22
6.5