CVE-2021-26728

Published October 24th, 2022

View on NVD ↗

CVSS v3

CRITICAL

CVSS v2

N/A

Affected

PROJECT

Description

Command injection and stack-based buffer overflow vulnerabilities in the KillDupUsr_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0.

CVEProject/cvelist

Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023

GitHub

1.49K