An OS command injection vulnerability exists in the Web Manager SslGenerateCertificate functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lantronix premierwave_2050_firmware 8.9.0.0 |