Information disclosure in Lantronix Device Server



Published: 2012-10-14 | Updated: 2017-12-06
Risk Low
Patch available NO
Number of vulnerabilities 1
CVE-ID N/A
CWE-ID CWE-200
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		Lantronix Device Server
Server applications / Other server solutions

Vendor Lantronix

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Information disclosure

EUVDB-ID: #VU9543

Risk: Low

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: N/A

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to the module retrieves the setup record from Lantronix serial-to-ethernet devices via the config port (30718/udp, enabled by default) and extracts the telnet password. A remote attacker can sending a specially crafted request to port 30718, obtain these passwords and perform further attacks.

Mitigation

Cybersecurity Help is currently unaware of any solution addressing the vulnerability.

Vulnerable software versions

Lantronix Device Server: 5.8.0.1

External links

http://github.com/rapid7/metasploit-framework/commit/79da6c7186d659cb08d6f3df85ddd75f4863ce14#diff-...


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###