Vulnerabilities > Lantronix > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-12-22 CVE-2021-21888 OS Command Injection vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
An OS command injection vulnerability exists in the Web Manager SslGenerateCertificate functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU).
network
low complexity
lantronix CWE-78
critical
 9.1
9.1
2021-12-22 CVE-2021-21889 Out-of-bounds Write vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A stack-based buffer overflow vulnerability exists in the Web Manager Ping functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU).
network
low complexity
lantronix CWE-787
critical
 9.9
9.9
2021-12-22 CVE-2021-21890 Out-of-bounds Write vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A stack-based buffer overflow vulnerability exists in the Web Manager FsBrowseClean functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU).
network
low complexity
lantronix CWE-787
critical
 9.1
9.1
2021-12-22 CVE-2021-21891 Out-of-bounds Write vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A stack-based buffer overflow vulnerability exists in the Web Manager FsBrowseClean functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU).
network
low complexity
lantronix CWE-787
critical
 9.1
9.1
2021-12-22 CVE-2021-21892 Out-of-bounds Write vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A stack-based buffer overflow vulnerability exists in the Web Manager FsUnmount functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU).
network
low complexity
lantronix CWE-787
critical
 9.9
9.9
2021-12-22 CVE-2021-21894 Path Traversal vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0
A directory traversal vulnerability exists in the Web Manager FsTFtp functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU).
network
low complexity
lantronix CWE-22
critical
 9.1
9.1
2018-06-28 CVE-2018-12925 Weak Password Requirements vulnerability in Lantronix MSS Firmware
Baseon Lantronix MSS devices do not require a password for TELNET access.
network
low complexity
lantronix CWE-521
critical
 9.8
9.8
2016-05-14 CVE-2016-4325 Unspecified vulnerability in Lantronix Xprintserver Firmware 3.3.0
Lantronix xPrintServer devices with firmware before 5.0.1-65 have hardcoded credentials, which allows remote attackers to obtain root access via unspecified vectors.
network
low complexity
lantronix
critical
 9.8
9.8