CVE-2021-21881
Description
An OS command injection vulnerability exists in the Web Manager Wireless Network Scanner functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
NVD
Severity: CRITICAL
CVE ID: CVE-2021-21881
CVSS Score: 9.9
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Talos
Severity: CRITICAL
CVE ID: CVE-2021-21881
CVSS Score: 9.9
CVSS Metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Proof Of Concept
Nuclei Templates for CVE-2021-21881
Refrence: Project Discovery GitHub
Content on GitHub
theabysslabs | watchers:21
CVE-2022-21881
POC of CVE-2022-21881 exploited at TianfuCup 2021 to escape Chrome Sandbox
Refrence: GitHub