Vulnerabilities > Lantronix > Premierwave 2050 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-12-22 CVE-2021-21877 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
Specially-crafted HTTP requests can lead to arbitrary command execution in “GET” requests.
network
low complexity
lantronix CWE-78
critical
 9.1
9.1
2021-12-22 CVE-2021-21876 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
Specially-crafted HTTP requests can lead to arbitrary command execution in PUT requests.
network
low complexity
lantronix CWE-78
critical
 9.1
9.1
2021-12-22 CVE-2021-21875 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A specially-crafted HTTP request can lead to arbitrary command execution in EC keypasswd parameter.
network
low complexity
lantronix CWE-78
critical
 9.1
9.1
2021-12-22 CVE-2021-21874 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A specially-crafted HTTP request can lead to arbitrary command execution in DSA keypasswd parameter.
network
low complexity
lantronix CWE-78
critical
 9.1
9.1
2021-12-22 CVE-2021-21873 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A specially-crafted HTTP request can lead to arbitrary command execution in RSA keypasswd parameter.
network
low complexity
lantronix CWE-78
critical
 9.1
9.1
2021-12-22 CVE-2021-21872 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
An OS command injection vulnerability exists in the Web Manager Diagnostics: Traceroute functionality of Lantronix PremierWave 2050 8.9.0.0R4.
network
low complexity
lantronix CWE-78
critical
 9.9
9.9