An information disclosure vulnerability exists in the Web Manager and telnet CLI functionality of Lantronix XPort EDGE 22.214.171.124R11, 126.96.36.199R9, 188.8.131.52R12 and 184.108.40.206R7. A specially crafted HTTP request can cause information disclosure. An attacker can sniff the network to trigger this vulnerability.
Lantronix XPort EDGE 220.127.116.11R11
Lantronix XPort EDGE 18.104.22.168R9
Lantronix XPort EDGE 22.214.171.124R12
Lantronix XPort EDGE 126.96.36.199R7
3.1 - CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
CWE-319 - Cleartext Transmission of Sensitive Information
The XPort EDGE is a next-generation wired Ethernet gateway for providing secure Ethernet connectivity to serial devices.
When configuring secure credentials for the Lantronix XPort EDGE, TLS private keys and AES encryption and decryption keys are transmitted in cleartext over the network. An attacker can sniff the network communications during configuration and capture these keys. The attacker would then have the ability to man in the middle encrypted communications using these keys.
2020-08-10 - Vendor Disclosure
2020-12-16 - Public Release
Discovered by Kelly Leuschner of Cisco Talos.