MEDIUM🇬🇧 English

CVE-2021-26732

CVSS 6.5v3.1pub. 2022-10-24upd. 2024-11-21

A broken access control vulnerability in the First_network_func function of spx_restservice allows an attacker to arbitrarily change the network configuration of the BMC. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
  • Lannerinc Iac Ast2500a

    HW
    Lannerinc
    wszystkie wersje
  • Lannerinc Iac Ast2500a Firmware

    OS
    Lannerinc
    1.10.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2021-26728CRITICAL10.0ten sam produkt

Command injection and stack-based buffer overflow vulnerabilities in the KillDupUsr_func function of spx_rests...

CVE-2021-26729CRITICAL10.0ten sam produkt

Command injection and multiple stack-based buffer overflows vulnerabilities in the Login_handler_func function...

CVE-2021-26730CRITICAL10.0ten sam produkt

A stack-based buffer overflow vulnerability in a subfunction of the Login_handler_func function of spx_restser...

CVE-2021-26731CRITICAL9.1ten sam produkt

Command injection and multiple stack-based buffer overflows vulnerabilities in the modifyUserb_func function o...

CVE-2021-26727CRITICAL10.0ten sam produkt

Multiple command injections and stack-based buffer overflows vulnerabilities in the SubNet_handler_func functi...

CVE-2021-26732 — MEDIUM 6.5 | CVEbaza.pl