Vulnerabilities > Lantronix > Premierwave 2050 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-12-22 CVE-2021-21888 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
An OS command injection vulnerability exists in the Web Manager SslGenerateCertificate functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU).
network
low complexity
lantronix CWE-78
critical
 9.0
9.0
2021-12-22 CVE-2021-21884 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
An OS command injection vulnerability exists in the Web Manager SslGenerateCSR functionality of Lantronix PremierWave 2050 8.9.0.0R4.
network
low complexity
lantronix CWE-78
critical
 9.0
9.0
2021-12-22 CVE-2021-21883 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
An OS command injection vulnerability exists in the Web Manager Diagnostics: Ping functionality of Lantronix PremierWave 2050 8.9.0.0R4.
network
low complexity
lantronix CWE-78
critical
 9.0
9.0
2021-12-22 CVE-2021-21882 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
An OS command injection vulnerability exists in the Web Manager FsUnmount functionality of Lantronix PremierWave 2050 8.9.0.0R4.
network
low complexity
lantronix CWE-78
critical
 9.0
9.0
2021-12-22 CVE-2021-21881 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
An OS command injection vulnerability exists in the Web Manager Wireless Network Scanner functionality of Lantronix PremierWave 2050 8.9.0.0R4.
network
low complexity
lantronix CWE-78
critical
 9.0
9.0
2021-12-22 CVE-2021-21877 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
Specially-crafted HTTP requests can lead to arbitrary command execution in “GET” requests.
network
low complexity
lantronix CWE-78
critical
 9.1
9.1
2021-12-22 CVE-2021-21876 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
Specially-crafted HTTP requests can lead to arbitrary command execution in PUT requests.
network
low complexity
lantronix CWE-78
critical
 9.1
9.1
2021-12-22 CVE-2021-21875 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A specially-crafted HTTP request can lead to arbitrary command execution in EC keypasswd parameter.
network
low complexity
lantronix CWE-78
critical
 9.1
9.1
2021-12-22 CVE-2021-21874 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A specially-crafted HTTP request can lead to arbitrary command execution in DSA keypasswd parameter.
network
low complexity
lantronix CWE-78
critical
 9.1
9.1
2021-12-22 CVE-2021-21873 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A specially-crafted HTTP request can lead to arbitrary command execution in RSA keypasswd parameter.
network
low complexity
lantronix CWE-78
critical
 9.1
9.1