exploitDog

GHSA-mh5r-cxjx-37mf

Опубликовано: 23 дек. 2021

Источник: github

Github: Не прошло ревью

CVSS3: 9.1

Описание

A stack-based buffer overflow vulnerability exists in the Web Manager SslGenerateCSR functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.

A stack-based buffer overflow vulnerability exists in the Web Manager SslGenerateCSR functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.

Ссылки

EPSS

Процентиль: 86%

0.02972

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-787

Связанные уязвимости

CVE-2021-21887

CVSS3: 9.1

nvd

около 4 лет назад

A stack-based buffer overflow vulnerability exists in the Web Manager SslGenerateCSR functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.

BDU:2022-07106

CVSS3: 9.1

fstec

около 4 лет назад

Уязвимость функционала sslgeneratecsr веб-интерфейса управления микропрограммного обеспечения WLAN-клиента Hirschmann BAT-C2, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 86%

0.02972

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-787