Vendor
Lantronix
Products
5
CVEs
6
Across products
7
Status
Private
Products
5- 2 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
6| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-4325 | Cri | 0.64 | 9.8 | 0.00 | May 14, 2016 | Lantronix xPrintServer devices with firmware before 5.0.1-65 have hardcoded credentials, which allows remote attackers to obtain root access via unspecified vectors. | |
| CVE-2014-9003 | 0.00 | — | 0.00 | Nov 20, 2014 | Cross-site request forgery (CSRF) vulnerability in Lantronix xPrintServer allows remote attackers to hijack the authentication of administrators for requests that modify configuration, as demonstrated by executing arbitrary commands using the c parameter in the rpc action. | ||
| CVE-2014-9002 | 0.00 | — | 0.04 | Nov 20, 2014 | Lantronix xPrintServer does not properly restrict access to ips/, which allows remote attackers to execute arbitrary commands via the c parameter in an rpc action. | ||
| CVE-2008-7201 | 0.00 | — | 0.01 | Sep 10, 2009 | Lantronix MSS485-T allows remote attackers to cause a denial of service (unstable performance and service loss) via certain vulnerability scans, as demonstrated using (1) Nessus and (2) nmap. | ||
| CVE-2007-5981 | 0.00 | — | 0.00 | Nov 15, 2007 | Lantronix SCS3200 does not properly handle public-key requests, which allows remote attackers to cause a denial of service (unresponsive device) via unspecified keyscan requests. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||
| CVE-2005-2189 | 0.00 | — | 0.00 | Jul 11, 2005 | Lantronix SecureLinx console server running firmware 2.0 and 3.0 stores /etc/ssh under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as SSH private keys. |