Vulnerabilities > Lantronix > Premierwave 2050 Firmware

DATE CVE VULNERABILITY TITLE RISK
2021-12-22 CVE-2021-21872 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
An OS command injection vulnerability exists in the Web Manager Diagnostics: Traceroute functionality of Lantronix PremierWave 2050 8.9.0.0R4.
network
low complexity
lantronix CWE-78
critical
9.9
2021-12-22 CVE-2021-21873 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A specially-crafted HTTP request can lead to arbitrary command execution in RSA keypasswd parameter.
network
low complexity
lantronix CWE-78
critical
9.1
2021-12-22 CVE-2021-21874 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A specially-crafted HTTP request can lead to arbitrary command execution in DSA keypasswd parameter.
network
low complexity
lantronix CWE-78
critical
9.1
2021-12-22 CVE-2021-21875 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A specially-crafted HTTP request can lead to arbitrary command execution in EC keypasswd parameter.
network
low complexity
lantronix CWE-78
critical
9.1
2021-12-22 CVE-2021-21876 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
Specially-crafted HTTP requests can lead to arbitrary command execution in PUT requests.
network
low complexity
lantronix CWE-78
critical
9.1
2021-12-22 CVE-2021-21877 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
Specially-crafted HTTP requests can lead to arbitrary command execution in “GET” requests.
network
low complexity
lantronix CWE-78
critical
9.1
2021-12-22 CVE-2021-21878 Exposure of Resource to Wrong Sphere vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A local file inclusion vulnerability exists in the Web Manager Applications and FsBrowse functionality of Lantronix PremierWave 2050 8.9.0.0R4.
network
low complexity
lantronix CWE-668
6.8
2021-12-22 CVE-2021-21880 Path Traversal vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A directory traversal vulnerability exists in the Web Manager FsCopyFile functionality of Lantronix PremierWave 2050 8.9.0.0R4.
network
low complexity
lantronix CWE-22
6.5
2021-12-22 CVE-2021-21881 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
An OS command injection vulnerability exists in the Web Manager Wireless Network Scanner functionality of Lantronix PremierWave 2050 8.9.0.0R4.
network
low complexity
lantronix CWE-78
critical
9.0
2021-12-22 CVE-2021-21882 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
An OS command injection vulnerability exists in the Web Manager FsUnmount functionality of Lantronix PremierWave 2050 8.9.0.0R4.
network
low complexity
lantronix CWE-78
critical
9.0