CVE-2021-26728 – spx_restservice KillDupUsr_func Command Injection and Stack-Based Buffer Overflow
https://notcve.org/view.php?id=CVE-2021-26728
Command injection and stack-based buffer overflow vulnerabilities in the KillDupUsr_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. Unas vulnerabilidades de inyección de comandos y desbordamiento del búfer en la región stack de la memoria en la función KillDupUsr_func de spx_restservice permiten a un atacante ejecutar código arbitrario con los mismos privilegios que el usuario del servidor (root). Este problema afecta a: Lanner Inc IAC-AST2500A versión de firmware estándar 1.10.0 • https://www.nozominetworks.com/blog/vulnerabilities-in-bmc-firmware-affect-ot-iot-device-security-part-1 https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-26728 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2021-46279 – Session Fixation and Insufficient Session Expiration
https://notcve.org/view.php?id=CVE-2021-46279
Session fixation and insufficient session expiration vulnerabilities allow an attacker to perfom session hijacking attacks against users. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. unas vulnerabilidades de fijación de sesión y caducidad de sesión insuficiente permiten a un atacante realizar ataques de secuestro de sesión contra usuarios. Este problema afecta: Lanner Inc IAC-AST2500A versión de firmware estándar 1.10.0 • https://www.nozominetworks.com/blog/vulnerabilities-in-bmc-firmware-affect-ot-iot-device-security-part-1 https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-46279 • CWE-384: Session Fixation CWE-613: Insufficient Session Expiration •