Vulnerability identifier: #VU9543
Vulnerability risk: Low
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-200
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Lantronix Device Server
Server applications /
Other server solutions
Vendor: Lantronix
Description
The vulnerability allows a remote attacker to obtain potentially sensitive information.
The weakness exists due to the module retrieves the setup record from Lantronix serial-to-ethernet devices via the config port (30718/udp, enabled by default) and extracts the telnet password. A remote attacker can sending a specially crafted request to port 30718, obtain these passwords and perform further attacks.
Mitigation
Cybersecurity Help is currently unaware of any solution addressing the vulnerability.
Vulnerable software versions
Lantronix Device Server: 5.8.0.1
External links
http://github.com/rapid7/metasploit-framework/commit/79da6c7186d659cb08d6f3df85ddd75f4863ce14#diff-...
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.