Vulnerability identifier: #VU9543

Vulnerability risk: Low

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: N/A

CWE-ID: CWE-200

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Lantronix Device Server
Server applications / Other server solutions

Vendor: Lantronix

Description
The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to the module retrieves the setup record from Lantronix serial-to-ethernet devices via the config port (30718/udp, enabled by default) and extracts the telnet password. A remote attacker can sending a specially crafted request to port 30718, obtain these passwords and perform further attacks.

Mitigation
Cybersecurity Help is currently unaware of any solution addressing the vulnerability.

Vulnerable software versions

Lantronix Device Server: 5.8.0.1

---

External links
http://github.com/rapid7/metasploit-framework/commit/79da6c7186d659cb08d6f3df85ddd75f4863ce14#diff-...

---

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.