CVE-2021-21872
published 2021-12-22CVE-2021-21872: An OS command injection vulnerability exists in the Web Manager Diagnostics: Traceroute functionality of Lantronix PremierWave 2050 8.9.0.0R4. A…
PriorityP181critical9.9CVSS 3.1
AVNACLPRLUINSCCHIHAH
ITWVulnCheck KEV
Exploited in the wild
EPSS
6.06%
92.5th percentile
An OS command injection vulnerability exists in the Web Manager Diagnostics: Traceroute functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lantronix | premierwave_2050_firmware | — | — |
CVSS provenance
nvdv3.19.9CRITICALCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
nvdv3.09.9CRITICALCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
nvdv2.09.0CRITICALAV:N/AC:L/Au:S/C:C/I:C/A:C
vulncheck9.9CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-v378-ppcw-9mxm: An OS command injection vulnerability exists in the Web Manager Diagnostics: Traceroute functionality of Lantronix PremierWave 2050 8
ghsa_unreviewed·2021-12-23
CVE-2021-21872 [CRITICAL] CWE-78 GHSA-v378-ppcw-9mxm: An OS command injection vulnerability exists in the Web Manager Diagnostics: Traceroute functionality of Lantronix PremierWave 2050 8
An OS command injection vulnerability exists in the Web Manager Diagnostics: Traceroute functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
VulnCheck
lantronix premierwave_2050_firmware Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
vulncheck·2021·CVSS 9.9
CVE-2021-21872 [CRITICAL] lantronix premierwave_2050_firmware Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
lantronix premierwave_2050_firmware Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
An OS command injection vulnerability exists in the Web Manager Diagnostics: Traceroute functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Affected: lantronix premierwave_2050_firmware
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://go.catonetworks.com/rs/245-RJK-441/images/CATO-NETWORKS-THREAT-REPORT2024.pdf; https://go.catonetworks.com/rs/245-RJK-441/images/Q2_24_
No detection rules found.
No public exploits indexed.
Talos
Vulnerability Spotlight: Vulnerabilities in Lantronix PremierWave 2050 could lead to code execution, file deletion
blogs_talos·2021-11-15·CVSS 9.9
[CRITICAL] Vulnerability Spotlight: Vulnerabilities in Lantronix PremierWave 2050 could lead to code execution, file deletion
## Vulnerability Spotlight: Vulnerabilities in Lantronix PremierWave 2050 could lead to code execution, file deletion
Matt Wiseman discovered these vulnerabilities.
Cisco Talos recently discovered multiple vulnerabilities in Lantronix’s PremierWave 2050, an embedded Wi-Fi module.
There are several vulnerabilities in PremierWave 2050’s Web Manager, a web-accessible application that allows users to configure settings for the 2050 gateway. An attacker could exploit some of these vulnerabilities to carry out a range of malicious actions, including executing arbitrary code and deleting or replacing files on the targeted device. Twelve of these vulnerabilities could allow a malicious user to manipulate the Web Manager in a way — for example, overflowing a fixed-size buffer — that would allow
Talos
Vulnerability Spotlight: Vulnerabilities in Lantronix PremierWave 2050 could lead to code execution, file deletion
blogs_talos·2021-11-15·CVSS 9.9
[CRITICAL] Vulnerability Spotlight: Vulnerabilities in Lantronix PremierWave 2050 could lead to code execution, file deletion
Matt Wiseman discovered these vulnerabilities.
Cisco Talos recently discovered multiple vulnerabilities in Lantronix’s PremierWave 2050, an embedded Wi-Fi module.
There are several vulnerabilities in PremierWave 2050’s Web Manager, a web-accessible application that allows users to configure settings for the 2050 gateway. An attacker could exploit some of these vulnerabilities to carry out a range of malicious actions, including executing arbitrary code and deleting or replacing files on the targeted device. Twelve of these vulnerabilities could allow a malicious user to manipulate the Web Manager in a way — for example, overflowing a fixed-size buffer — that would allow them to execute arbitrary code. These vulnerabilities all require the attacker to authenticate to the Web Manager first
2021-12-22
Published
Exploited in the wild