An information disclosure vulnerability exists in the Web Manager and telnet CLI functionality of Lantronix XPort EDGE 3.0.0.0R11,…
talos·CWE-319·Published 2020-12-17
An information disclosure vulnerability exists in the Web Manager and telnet CLI functionality of Lantronix XPort EDGE 3.0.0.0R11, 3.1.0.0R9, 3.4.0.0R12 and 4.2.0.0R7. A specially crafted HTTP request can cause information disclosure. An attacker can sniff the network to trigger this vulnerability.
An information disclosure vulnerability exists in the Web Manager and telnet CLI functionality of Lantronix XPort EDGE 3.0.0.0R11, 3.1.0.0R9, 3.4.0.0R12 and 4.2.0.0R7. A specially crafted HTTP request can cause information disclosure. An attacker can sniff the network to trigger this vulnerability.
Se presenta una vulnerabilidad de divulgación de información en la funcionalidad Web Manager and telnet CLI de Lantronix XPort EDGE versiones 3.0.0.0R11, 3.1.0.0R9, 3.4.0.0R12 y 4.2.0.0R7. Una petición HTTP especialmente diseñada puede causar una divulgación de información. Un atacante puede rastrear la red para desencadenar esta vulnerabilidad
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 2.0 | Primary | NVD | 2.6 | 4.9 | 2.9 | AV:N/AC:H/Au:N/C:P/I:N/A:N |
| 3.0 | Primary | cve.org | 3.1 | — | — | CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N |
| 3.0 | Primary | cve.org | 3.1 | — | — | CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N |
| 3.0 | Secondary | NVD | 3.1 | 1.6 | 1.4 | CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N |
| 3.1 | Primary | NVD | 5.3 | 1.6 | 3.6 | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N |