CVE-2021-21881
Description
An OS command injection vulnerability exists in the Web Manager Wireless Network Scanner functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Authenticated OS command injection in Lantronix PremierWave 2050 Web Manager WLAN Scan via unsanitized ssid parameter allows root-level RCE.
Vulnerability
An OS command injection vulnerability exists in the Web Manager Wireless Network Scanner functionality of Lantronix PremierWave 2050 firmware version 8.9.0.0R4 [1]. The WLANScanSSID AJAX endpoint builds a system command using an unsanitized HTTP parameter ssid, which is passed directly into a snprintf call that constructs a command invoking /usr/sbin/wpa_cli [1]. No input validation or sanitization is applied to the ssid value, enabling an authenticated attacker to inject arbitrary commands. The injected command executes with root privileges [1].
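The pattern described above next to a hardened form, as an added example that is not code from the firmware or the cited advisory. The function names, the "<args>" placeholder, the allow-list and the /bin/echo stand-in for the scan tool are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define SSID_MAX 32 /* 802.11 SSIDs are at most 32 octets */

/* Pattern the advisory describes: the request value is formatted into a string
 * that a shell later parses. "<args>" is a placeholder, not the firmware's
 * real argument list. Only builds the string; nothing is executed. */
int build_cmd_unsafe(char *out, size_t n, const char *ssid) {
    return snprintf(out, n, "/usr/sbin/wpa_cli <args> %s", ssid);
}

/* Allow-list check (an assumption, stricter than 802.11): 1..32 printable
 * ASCII bytes, no shell metacharacters, no leading '-' (option injection). */
int ssid_is_safe(const char *ssid) {
    size_t len = strlen(ssid);
    if (len == 0 || len > SSID_MAX || ssid[0] == '-') return 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)ssid[i];
        if (c < 0x20 || c > 0x7e || strchr("\"'`$;&|<>\\(){}*?!#~", c)) return 0;
    }
    return 1;
}

/* Hardened form: validate, then execv() an argv array. No shell runs, so ssid
 * reaches the tool as one literal argument. Returns the tool's exit status,
 * -2 if ssid is rejected, -1 on fork/wait failure. */
int scan_ssid_hardened(const char *tool, const char *ssid) {
    if (!ssid_is_safe(ssid)) return -2;
    char *argv[] = { (char *)tool, (char *)ssid, NULL };
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) { execv(argv[0], argv); _exit(127); }
    int status;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void) {
    const char *samples[] = { "Plant-Floor_AP", "lab; echo injected" }; /* constructed */
    char cmd[128];
    for (int i = 0; i < 2; i++) {
        build_cmd_unsafe(cmd, sizeof cmd, samples[i]);
        printf("shell would parse: %s\n", cmd);
        printf("hardened result:   %d\n", scan_ssid_hardened("/bin/echo", samples[i]));
    }
    return 0;
}
```

Either control alone narrows the flaw; together the allow-list rejects hostile values early and the argv-based exec removes the shell that would interpret them.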
Exploitation
An attacker must have valid credentials to authenticate to the PremierWave 2050 Web Manager [1]. The attacker sends a crafted POST request to the root endpoint with a malicious ssid parameter in the form data [1]. The vulnerable code concatenates the attacker-controlled ssid into a shell command string, which is then executed via the exec_system_cmd_ex function [1]. A sample HTTP request is provided in the reference, demonstrating a simple injection that triggers command execution with no user interaction required beyond authentication [1].
Impact
Successful exploitation allows an authenticated remote attacker to execute arbitrary operating system commands as root on the device [1]. This results in full compromise of the device's confidentiality, integrity, and availability, enabling the attacker to read sensitive data, modify configuration, install persistent malware, or disrupt operation [1]. The CVSSv3 score is 9.9, reflecting the critical severity due to network access, low complexity, and high impact with privilege escalation to root [1].
Mitigation
As of the publication of this CVE (December 22, 2021), Lantronix has not released a firmware update that patches this vulnerability [1]. No workaround is provided in the available references. Users should restrict network access to the Web Manager interface to trusted administrators only, monitor for suspicious authentication attempts, and contact Lantronix for update availability [1].
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Lantronix/PremierWave 2050
- Range: = 8.9.0.0R4
Patches
No patches discovered yet.
References
[1] talosintelligence.com/vulnerability_reports/TALOS-2021-1325 (mitre, x_refsource_MISC)