VYPR

PremierWave 2050

by Lantronix

CVEs (19)

  • CVE-2021-21892CriDec 22, 2021
    risk 0.67cvss 9.9epss 0.30

    A stack-based buffer overflow vulnerability exists in the Web Manager FsUnmount functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this…

  • CVE-2021-21881CriDec 22, 2021
    risk 0.67cvss 9.9epss 0.37

    An OS command injection vulnerability exists in the Web Manager Wireless Network Scanner functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this…

  • CVE-2021-21889CriDec 22, 2021
    risk 0.65cvss 9.9epss 0.03

    A stack-based buffer overflow vulnerability exists in the Web Manager Ping functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this…

  • CVE-2021-21883CriDec 22, 2021
    risk 0.65cvss 9.9epss 0.06

    An OS command injection vulnerability exists in the Web Manager Diagnostics: Ping functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this…

  • CVE-2021-21872CriDec 22, 2021
    risk 0.65cvss 9.9epss 0.06

    An OS command injection vulnerability exists in the Web Manager Diagnostics: Traceroute functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger…

  • CVE-2021-21884CriDec 22, 2021
    risk 0.60cvss 9.1epss 0.05

    An OS command injection vulnerability exists in the Web Manager SslGenerateCSR functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this…

  • CVE-2021-21894CriDec 22, 2021
    risk 0.59cvss 9.1epss 0.02

    A directory traversal vulnerability exists in the Web Manager FsTFtp functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to arbitrary file overwrite FsTFtp file disclosure. An attacker can make an authenticated HTTP request…

  • CVE-2021-21891CriDec 22, 2021
    risk 0.59cvss 9.1epss 0.03

    A stack-based buffer overflow vulnerability exists in the Web Manager FsBrowseClean functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution in the vulnerable portion of the branch (deletefile). An…

  • CVE-2021-21890CriDec 22, 2021
    risk 0.59cvss 9.1epss 0.03

    A stack-based buffer overflow vulnerability exists in the Web Manager FsBrowseClean functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution in the vulnerable portion of the branch (deletedir). An…

  • CVE-2021-21888CriDec 22, 2021
    risk 0.59cvss 9.1epss 0.04

    An OS command injection vulnerability exists in the Web Manager SslGenerateCertificate functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to…

  • CVE-2021-21887CriDec 22, 2021
    risk 0.59cvss 9.1epss 0.03

    A stack-based buffer overflow vulnerability exists in the Web Manager SslGenerateCSR functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger…

  • CVE-2021-21882HigDec 22, 2021
    risk 0.58cvss 8.8epss 0.06

    An OS command injection vulnerability exists in the Web Manager FsUnmount functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this…

  • CVE-2021-21879HigDec 22, 2021
    risk 0.57cvss 8.8epss 0.04

    A directory traversal vulnerability exists in the Web Manager File Upload functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary file overwrite. An attacker can make an authenticated HTTP request to trigger this…

  • CVE-2021-21895HigDec 22, 2021
    risk 0.47cvss 7.2epss 0.02

    A directory traversal vulnerability exists in the Web Manager FsTFtp functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to FsTFtp file overwrite. An attacker can make an authenticated HTTP request to trigger this…

  • CVE-2021-21885HigDec 22, 2021
    risk 0.47cvss 7.2epss 0.02

    A directory traversal vulnerability exists in the Web Manager FsMove functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially crafted HTTP request can lead to local file inclusion. An attacker can make an authenticated HTTP request to trigger this vulnerability.

  • CVE-2021-21880HigDec 22, 2021
    risk 0.47cvss 7.2epss 0.02

    A directory traversal vulnerability exists in the Web Manager FsCopyFile functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to local file inclusion. An attacker can make an authenticated HTTP request to trigger this vulnerability.

  • CVE-2021-21896MedDec 22, 2021
    risk 0.42cvss 6.5epss 0.02

    A directory traversal vulnerability exists in the Web Manager FsBrowseClean functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to arbitrary file deletion. An attacker can make an authenticated HTTP request to trigger this…

  • CVE-2021-21878MedDec 22, 2021
    risk 0.32cvss 4.9epss 0.01

    A local file inclusion vulnerability exists in the Web Manager Applications and FsBrowse functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted series of HTTP requests can lead to local file inclusion. An attacker can make a series of authenticated HTTP…

  • CVE-2021-21886MedDec 22, 2021
    risk 0.28cvss 4.3epss 0.02

    A directory traversal vulnerability exists in the Web Manager FSBrowsePage functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially crafted HTTP request can lead to information disclosure. An attacker can make an authenticated HTTP request to trigger this vulnerability.