Lantronix: >> Xport Edge Security Vulnerabilities
Lantronix XPort sends weakly encoded credentials within web request headers.
CVSS Score
5.7
EPSS Score
0.001
Published
2024-01-23
An authentication bypass vulnerability exists in the Web Manager functionality of Lantronix XPort EDGE 3.0.0.0R11, 3.1.0.0R9, 3.4.0.0R12 and 4.2.0.0R7. A specially crafted HTTP request can cause increased privileges. An attacker can send an HTTP request to trigger this vulnerability.
CVSS Score
4.8
EPSS Score
0.001
Published
2020-12-18
An information disclosure vulnerability exists in the Web Manager and telnet CLI functionality of Lantronix XPort EDGE 3.0.0.0R11, 3.1.0.0R9, 3.4.0.0R12 and 4.2.0.0R7. A specially crafted HTTP request can cause information disclosure. An attacker can sniff the network to trigger this vulnerability.
CVSS Score
3.1
EPSS Score
0.003
Published
2020-12-18