Vulnerabilities > Lantronix

DATE CVE VULNERABILITY TITLE RISK
2021-12-22 CVE-2021-21891 Out-of-bounds Write vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A stack-based buffer overflow vulnerability exists in the Web Manager FsBrowseClean functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU).
network
low complexity
lantronix CWE-787
critical
 9.1
9.1
2021-12-22 CVE-2021-21892 Out-of-bounds Write vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A stack-based buffer overflow vulnerability exists in the Web Manager FsUnmount functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU).
network
low complexity
lantronix CWE-787
critical
 9.9
9.9
2021-12-22 CVE-2021-21894 Path Traversal vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A directory traversal vulnerability exists in the Web Manager FsTFtp functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU).
network
low complexity
lantronix CWE-22
critical
 9.1
9.1
2021-12-22 CVE-2021-21895 Path Traversal vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A directory traversal vulnerability exists in the Web Manager FsTFtp functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU).
network
low complexity
lantronix CWE-22
7.2
7.2
2021-12-22 CVE-2021-21896 Path Traversal vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A directory traversal vulnerability exists in the Web Manager FsBrowseClean functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU).
network
low complexity
lantronix CWE-22
6.5
6.5
2020-12-18 CVE-2020-13528 Cleartext Transmission of Sensitive Information vulnerability in Lantronix Xport Edge Firmware
An information disclosure vulnerability exists in the Web Manager and telnet CLI functionality of Lantronix XPort EDGE 3.0.0.0R11, 3.1.0.0R9, 3.4.0.0R12 and 4.2.0.0R7.
network
high complexity
lantronix CWE-319
5.3
5.3
2020-12-18 CVE-2020-13527 Cross-Site Request Forgery (CSRF) vulnerability in Lantronix SGX Firmware and Xport Edge Firmware
An authentication bypass vulnerability exists in the Web Manager functionality of Lantronix XPort EDGE 3.0.0.0R11, 3.1.0.0R9, 3.4.0.0R12 and 4.2.0.0R7.
network
low complexity
lantronix CWE-352
4.5
4.5
2019-05-02 CVE-2018-10383 Cross-site Scripting vulnerability in Lantronix Securelinx Spider Firmware
Lantronix SecureLinx Spider (SLS) 2.2+ devices have XSS in the auth.asp login page.
network
low complexity
lantronix CWE-79
6.1
6.1
2018-06-28 CVE-2018-12925 Weak Password Requirements vulnerability in Lantronix MSS Firmware
Baseon Lantronix MSS devices do not require a password for TELNET access.
network
low complexity
lantronix CWE-521
critical
 9.8
9.8
2016-05-14 CVE-2016-4325 Unspecified vulnerability in Lantronix Xprintserver Firmware 3.3.0
Lantronix xPrintServer devices with firmware before 5.0.1-65 have hardcoded credentials, which allows remote attackers to obtain root access via unspecified vectors.
network
low complexity
lantronix
critical
 9.8
9.8