CVE-2021-26731 – spx_restservice modifyUserb_func Command Injection and Multiple Stack-Based Buffer Overflows
https://notcve.org/view.php?id=CVE-2021-26731
Command injection and multiple stack-based buffer overflow vulnerabilities in the modifyUserb_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0.
Command injection and multiple stack-based buffer overflow vulnerabilities in the modifyUserb_func function of spx_restservice allow an authenticated attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0.
• https://www.nozominetworks.com/blog/vulnerabilities-in-bmc-firmware-affect-ot-iot-device-security-part-1
• https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-26731
• CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
• CWE-94: Improper Control of Generation of Code ('Code Injection')
• CWE-121: Stack-based Buffer Overflow
• CWE-787: Out-of-bounds Write
CVE-2021-45925 – Username Enumeration
https://notcve.org/view.php?id=CVE-2021-45925
Observable discrepancies in the login process allow an attacker to guess legitimate user names registered in the BMC. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0.
• https://www.nozominetworks.com/blog/vulnerabilities-in-bmc-firmware-affect-ot-iot-device-security-part-1
• https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-45925
• CWE-203: Observable Discrepancy
CVE-2021-44467 – spx_restservice KillDupUsr_func Broken Access Control
https://notcve.org/view.php?id=CVE-2021-44467
A broken access control vulnerability in the KillDupUsr_func function of spx_restservice allows an attacker to arbitrarily terminate active sessions of other users, causing a Denial-of-Service (DoS) condition. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0.
A broken access control vulnerability in the KillDupUsr_func function of spx_restservice allows an attacker to arbitrarily terminate active sessions of other users, causing a Denial-of-Service (DoS) condition, if an input parameter is correctly guessed. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0.
• https://www.nozominetworks.com/blog/vulnerabilities-in-bmc-firmware-affect-ot-iot-device-security-part-1
• https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-44467
• CWE-284: Improper Access Control
CVE-2021-26730 – spx_restservice Login_handler_func Subfunction Stack-Based Buffer Overflow
https://notcve.org/view.php?id=CVE-2021-26730
A stack-based buffer overflow vulnerability in a subfunction of the Login_handler_func function of spx_restservice allows an attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0.
• https://www.nozominetworks.com/blog/vulnerabilities-in-bmc-firmware-affect-ot-iot-device-security-part-1
• https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-26730
• CWE-121: Stack-based Buffer Overflow
• CWE-787: Out-of-bounds Write
CVE-2021-44769 – TLS Certificate Generation Function Improper Input Validation
https://notcve.org/view.php?id=CVE-2021-44769
An improper input validation vulnerability in the TLS certificate generation function allows an attacker to cause a Denial-of-Service (DoS) condition which can only be reverted via a factory reset. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0.
• https://www.nozominetworks.com/blog/vulnerabilities-in-bmc-firmware-affect-ot-iot-device-security-part-1
• https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-44769
• CWE-20: Improper Input Validation