Medium severity5.3NVD Advisory· Published Oct 24, 2022· Updated Jun 17, 2026
CVE-2021-44467
CVE-2021-44467
Description
A broken access control vulnerability in the KillDupUsr_func function of spx_restservice allows an attacker to arbitrarily terminate active sessions of other users, causing a Denial-of-Service (DoS) condition, if an input parameter is correctly guessed. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2= 1.10.0+ 1 more
- (no CPE)range: = 1.10.0
- (no CPE)range: 1.10.0
Patches
Vulnerability mechanics
References
2- www.nozominetworks.com/blog/vulnerabilities-in-bmc-firmware-affect-ot-iot-device-security-part-1/nvdThird Party Advisory
- www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-44467/nvdThird Party Advisory
News mentions
0No linked articles in our index yet.