Vulnerabilities > Lantronix
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-11-20 | CVE-2014-9003 | Cross-Site Request Forgery (CSRF) vulnerability in Lantronix Xprintserver Cross-site request forgery (CSRF) vulnerability in Lantronix xPrintServer allows remote attackers to hijack the authentication of administrators for requests that modify configuration, as demonstrated by executing arbitrary commands using the c parameter in the rpc action. | 6.8 |
2014-11-20 | CVE-2014-9002 | Permissions, Privileges, and Access Controls vulnerability in Lantronix Xprintserver Lantronix xPrintServer does not properly restrict access to ips/, which allows remote attackers to execute arbitrary commands via the c parameter in an rpc action. | 10.0 |
2009-09-10 | CVE-2008-7201 | Resource Management Errors vulnerability in Lantronix Mss485-T Lantronix MSS485-T allows remote attackers to cause a denial of service (unstable performance and service loss) via certain vulnerability scans, as demonstrated using (1) Nessus and (2) nmap. | 7.8 |
2007-11-15 | CVE-2007-5981 | Remote Denial Of Service vulnerability in Lantronix SCS3200 Lantronix SCS3200 does not properly handle public-key requests, which allows remote attackers to cause a denial of service (unresponsive device) via unspecified keyscan requests. low complexity lantronix | 3.3 |
2005-07-11 | CVE-2005-2189 | Information Disclosure vulnerability in Lantronix Securelinx 2.0/3.0 Lantronix SecureLinx console server running firmware 2.0 and 3.0 stores /etc/ssh under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as SSH private keys. | 5.0 |