CVE-2021-21896

Name of the Vulnerable Software and Affected Versions Lantronix PremierWave 2050 version 8.9.0.0R4

Description A directory traversal issue exists in the Web Manager FsBrowseClean functionality, allowing an attacker to make a specially crafted HTTP request that can lead to arbitrary file deletion. This can be triggered by an authenticated HTTP request.

Recommendations For version 8.9.0.0R4, consider restricting access to the FsBrowseClean functionality until a fix is available. As a temporary workaround, limit the ability to make authenticated HTTP requests to the affected Web Manager functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.