CVE-2021-44776
Published
CVSS v3
6.5
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT
Description
A broken access control vulnerability in the SubNet_handler_func function of spx_restservice allows an attacker to arbitrarily change the security access rights to KVM and Virtual Media functionalities. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0.
Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023
GitHub