Global infos:

A stack-based buffer overflow vulnerability exists in the Web Manager FsBrowseClean functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution in the vulnerable portion of the branch (deletedir). An attacker can make an authenticated HTTP request to trigger this vulnerability.

CVE Status: Modified

References:

[email protected]

af854a3a-2127-422b-91ae-364da2661108

Metrics:

Attribute	Value
Attack Complexity	LOW
Attack Vector	NETWORK
Availability Impact	HIGH
Base Score	9.1
Base Severity	CRITICAL
Confidentiality Impact	HIGH
Integrity Impact	HIGH
Privileges Required	HIGH
Scope	CHANGED
User Interaction	NONE
Vector String	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Exploitability Score	2.3
Impact Score	6
Source	[email protected]
Type	Primary

Links:

Exploit-db
Github