lannerinc 漏洞与 CVE 列表(13)

产品(CPE): — CVE 数: 13

lannerinc 漏洞概览

汇总 lannerinc 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。

已披露问题常与 缓冲区溢出、内存损坏与输入验证问题 相关,可能在 生产负载与软件部署 场景中带来 内存损坏与异常行为 等暴露风险。

相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。

漏洞分布趋势(近 24 个月)

显示 11313 CVE 数
«« 第一页 « 上一页 第 1 / 1 页 下一页 »
CVE 摘要 来源 最高 CVSS EPSS % 公开时间 更新时间
CVE-2021-4228 Use of hard-coded TLS certificate by default allows an attacker to perform Man-in-the-Middle (MitM) attacks even in the presence of the HTTPS connection. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.00.0. [email protected] 5.8 9.95% 2022-10-24 2026-06-17
CVE-2021-46279 Session fixation and insufficient session expiration vulnerabilities allow an attacker to perfom session hijacking attacks against users. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. [email protected] 5.8 0.40% 2022-10-24 2026-06-17
CVE-2021-45925 Observable discrepancies in the login process allow an attacker to guess legitimate user names registered in the BMC. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. [email protected] 5.3 0.51% 2022-10-24 2026-06-17
CVE-2021-44776 A broken access control vulnerability in the SubNet_handler_func function of spx_restservice allows an attacker to arbitrarily change the security access rights to KVM and Virtual Media functionalities. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. [email protected] 6.5 0.44% 2022-10-24 2026-06-17
CVE-2021-44769 An improper input validation vulnerability in the TLS certificate generation function allows an attacker to cause a Denial-of-Service (DoS) condition which can only be reverted via a factory reset. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. [email protected] 4.9 0.42% 2022-10-24 2026-06-17
CVE-2021-44467 A broken access control vulnerability in the KillDupUsr_func function of spx_restservice allows an attacker to arbitrarily terminate active sessions of other users, causing a Denial-of-Service (DoS) condition, if an input parameter is correctly guessed. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. [email protected] 5.3 0.65% 2022-10-24 2026-06-17
CVE-2021-26733 A broken access control vulnerability in the FirstReset_handler_func function of spx_restservice allows an attacker to arbitrarily send reboot commands to the BMC, causing a Denial-of-Service (DoS) condition. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. [email protected] 5.3 0.65% 2022-10-24 2026-06-16
CVE-2021-26732 A broken access control vulnerability in the First_network_func function of spx_restservice allows an attacker to arbitrarily change the network configuration of the BMC. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. [email protected] 6.5 0.44% 2022-10-24 2026-06-16
CVE-2021-26731 Command injection and multiple stack-based buffer overflows vulnerabilities in the modifyUserb_func function of spx_restservice allow an authenticated attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. [email protected] 9.1 2.31% 2022-10-24 2026-06-16
CVE-2021-26730 A stack-based buffer overflow vulnerability in a subfunction of the Login_handler_func function of spx_restservice allows an attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. [email protected] 10.0 0.98% 2022-10-24 2026-06-16
CVE-2021-26729 Command injection and multiple stack-based buffer overflows vulnerabilities in the Login_handler_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. [email protected] 10.0 2.28% 2022-10-24 2026-06-16
CVE-2021-26728 Command injection and stack-based buffer overflow vulnerabilities in the KillDupUsr_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. [email protected] 10.0 2.28% 2022-10-24 2026-06-16
CVE-2021-26727 Multiple command injections and stack-based buffer overflows vulnerabilities in the SubNet_handler_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. [email protected] 10.0 2.28% 2022-10-24 2026-06-16
«« 第一页 « 上一页 第 1 / 1 页 下一页 »
cvelogic Threat Intelligence