Talos Vulnerability Report


Lantronix XPort EDGE Web Manager CSRF vulnerability

December 16, 2020
CVE Number



An authentication bypass vulnerability exists in the Web Manager functionality of Lantronix XPort EDGE,, and A specially crafted HTTP request can cause increased privileges. An attacker can send an HTTP request to trigger this vulnerability.

Tested Versions

Lantronix XPort EDGE
Lantronix XPort EDGE
Lantronix XPort EDGE
Lantronix XPort EDGE
Lantronix SGX 5150
Lantronix SGX 5150

Product URLs


CVSSv3 Score

4.8 - CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:N


CWE-352 - Cross-Site Request Forgery (CSRF)


The XPort EDGE is a next-generation wired Ethernet gateway for providing secure Ethernet connectivity to serial devices.

A GET request to the XPort EDGE Web Manager application with a valid username and password will cause a session to be set for that user. Any subsequent requests made by the user’s browser will be granted the same privileges as the original authenticated GET request. An attacker could craft a malicious web page that submits a POST request which would allow an attacker to modify configuration data. Some examples of configuration changes that could be made by an attacker include, enabling or disabling services such as telnet, modification of user credentials, and modifying the serial line configuration. This attack could result in denying access to legitimate users, allowing the attacker to further configure the device through the telnet service, or denying access to the serial line data.


2020-08-10 - Vendor Disclosure
2020-12-16 - Public Release


Discovered by Kelly Leuschner of Cisco Talos.