Critical Vulnerabilities have been identified in Lantronix Wi-Fi module designed for critical industrial and commercial applications.
The affected product, the PremierWave 2050 enterprise Wi-Fi module, delivers always-on 5G Wi-Fi connectivity, and is designed for mission critical operations.Total of 21 vulnerabilities, a majority of which have been assigned critical or high severity ratings includes command injection, remote code execution , local file inclusion and information disclosure
Lantronix Wi-Fi module vulnerabilities. The researchers have reproduced the vulnerabilities on Lantronix PremierWave 2050 version 126.96.36.199R4, and there are no official patches for the security holes.
A remote attacker can exploit the flaws to completely compromise the PremierWave 2050 operating system. What they can do from there depends on the capabilities of the system the module is embedded in.
A potentially vulnerable device, hard-coded strings in the PremierWave 2050 firmware indicate at least one Medical Device Manufacturer is using the Lantronix device, and the location of those strings make it very likely they use the vulnerable service.
While exploitation of all of these vulnerabilities requires authentication, the PremierWave 2050 firmware includes default credentials that can be found online, and it’s up to the third-party device manufacturer or the end-user to change those default credentials.
The system will notify the administrator of the usage of the default password, but that notification exists in a configuration page two clicks away from the home page. Given that the PremierWave 2050 is intended as a basis to have some other system built on top of it, it is quite possible the end-user will not make use of, or even be aware of, this interface and therefore not update the password.
If the credentials have been changed, it may be possible for an attacker particularly in older versions to obtain them by sniffing the traffic of an authenticated user