An OS command injection vulnerability exists in the Web...
Critical severity
Unreviewed
Published
Dec 23, 2021
to the GitHub Advisory Database
•
Updated Feb 3, 2023
Description
Published by the National Vulnerability Database
Dec 22, 2021
Published to the GitHub Advisory Database
Dec 23, 2021
Last updated
Feb 3, 2023
An OS command injection vulnerability exists in the Web Manager Diagnostics: Traceroute functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
References