CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2021-26728 – spx_restservice KillDupUsr_func Command Injection and Stack-Based Buffer Overflow
https://notcve.org/view.php?id=CVE-2021-26728
Command injection and stack-based buffer overflow vulnerabilities in the KillDupUsr_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. Unas vulnerabilidades de inyección de comandos y desbordamiento del búfer en la región stack de la memoria en la función KillDupUsr_func de spx_restservice permiten a un atacante ejecutar código arbitrario con los mismos privilegios que el usuario del servidor (root). Este problema afecta a: Lanner Inc IAC-AST2500A versión de firmware estándar 1.10.0 • https://www.nozominetworks.com/blog/vulnerabilities-in-bmc-firmware-affect-ot-iot-device-security-part-1 https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-26728 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 0CVE-2021-4228 – Hard-coded TLS Certificate
https://notcve.org/view.php?id=CVE-2021-4228
Use of hard-coded TLS certificate by default allows an attacker to perform Man-in-the-Middle (MitM) attacks even in the presence of the HTTPS connection. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.00.0. Un uso del certificado TLS embebido por defecto permite a un atacante llevar a cabo ataques de tipo Man-in-the-Middle (MitM) incluso en presencia de la conexión HTTPS. Este problema afecta: Lanner Inc IAC-AST2500A versión de firmware estándar 1.00.0 • https://www.nozominetworks.com/blog/vulnerabilities-in-bmc-firmware-affect-ot-iot-device-security-part-1 https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-4228 • CWE-321: Use of Hard-coded Cryptographic Key CWE-798: Use of Hard-coded Credentials •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-46279 – Session Fixation and Insufficient Session Expiration
https://notcve.org/view.php?id=CVE-2021-46279
Session fixation and insufficient session expiration vulnerabilities allow an attacker to perfom session hijacking attacks against users. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. unas vulnerabilidades de fijación de sesión y caducidad de sesión insuficiente permiten a un atacante realizar ataques de secuestro de sesión contra usuarios. Este problema afecta: Lanner Inc IAC-AST2500A versión de firmware estándar 1.10.0 • https://www.nozominetworks.com/blog/vulnerabilities-in-bmc-firmware-affect-ot-iot-device-security-part-1 https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-46279 • CWE-384: Session Fixation CWE-613: Insufficient Session Expiration •