Medium severity6.5NVD Advisory· Published Oct 24, 2022· Updated Jun 17, 2026
CVE-2021-44776
CVE-2021-44776
Description
A broken access control vulnerability in the SubNet_handler_func function of spx_restservice allows an attacker to arbitrarily change the security access rights to KVM and Virtual Media functionalities. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: = 1.10.0
= 1.10.0+ 1 more
- (no CPE)range: = 1.10.0
- (no CPE)range: 1.10.0
Patches
Vulnerability mechanics
References
2- www.nozominetworks.com/blog/vulnerabilities-in-bmc-firmware-affect-ot-iot-device-security-part-1/nvdThird Party Advisory
- www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-44776/nvdThird Party Advisory
News mentions
0No linked articles in our index yet.