Описание
A local file inclusion vulnerability exists in the Web Manager Applications and FsBrowse functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted series of HTTP requests can lead to local file inclusion. An attacker can make a series of authenticated HTTP requests to trigger this vulnerability.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:lantronix:premierwave_2050_firmware:8.9.0.0:r4:*:*:*:*:*:*
cpe:2.3:h:lantronix:premierwave_2050:-:*:*:*:*:*:*:*
EPSS
Процентиль: 52%
0.00288
Низкий
4.9 Medium
CVSS3
4.9 Medium
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-668
CWE-668
Связанные уязвимости
CVSS3: 4.9
github
около 4 лет назад
A local file inclusion vulnerability exists in the Web Manager Applications and FsBrowse functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted series of HTTP requests can lead to local file inclusion. An attacker can make a series of authenticated HTTP requests to trigger this vulnerability.
EPSS
Процентиль: 52%
0.00288
Низкий
4.9 Medium
CVSS3
4.9 Medium
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-668
CWE-668