Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An OS command injection vulnerability exists in the Web Manager SslGenerateCertificate functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
CVSS Information
N/A
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Lantronix PremierWave 2050 操作系统命令注入漏洞
Vulnerability Description
Lantronix PremierWave 2050是美国Lantronix公司的一个嵌入式企业 Wi-Fi 模块。用于提供可靠且始终在线的 5G Wi-Fi 连接。 Lantronix PremierWave 2050 8.9.0.0R4 版本存在操作系统命令注入漏洞,该漏洞源于系统针对于HTTP请求验证存在问题。一个特殊的HTTP请求可能导致任意命令的执行。攻击者可以发出经过身份验证的HTTP请求来触发此漏洞。
CVSS Information
N/A
Vulnerability Type
N/A