CVE-2025-67034

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. An authenticated attacker can inject OS commands into the "name" parameter when deleting SSL credentials through the management interface. Injected commands are executed with root privileges.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
http://eds5000.com	Not Applicable
http://lantronix.com	Product
https://www.cisa.gov/news-events/ics-advisories/icsa-26-069-02	Third Party Advisory US Government Resource

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:lantronix:eds5032_firmware:2.1.0.0:r3:*:*:*:*:*:*

cpe:2.3:h:lantronix:eds5032:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:lantronix:eds5008_firmware:2.1.0.0:r3:*:*:*:*:*:*

cpe:2.3:h:lantronix:eds5008:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:lantronix:eds5016_firmware:2.1.0.0:r3:*:*:*:*:*:*

cpe:2.3:h:lantronix:eds5016:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2026-03-11 17:16

Updated : 2026-03-19 20:23

NVD link : CVE-2025-67034

Mitre link : CVE-2025-67034

CVE.ORG link : CVE-2025-67034

JSON object : View

Products Affected

lantronix

eds5032_firmware
eds5008_firmware
eds5032
eds5016
eds5008
eds5016_firmware

CWE

CWE-94

Improper Control of Generation of Code ('Code Injection')

{"id": "CVE-2025-67034", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2026-03-11T17:16:50.393", "references": [{"url": "http://eds5000.com", "tags": ["Not Applicable"], "source": "cve@mitre.org"}, {"url": "http://lantronix.com", "tags": ["Product"], "source": "cve@mitre.org"}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-069-02", "tags": ["Third Party Advisory", "US Government Resource"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Lantronix EDS5000 2.1.0.0R3. An authenticated attacker can inject OS commands into the \"name\" parameter when deleting SSL credentials through the management interface. Injected commands are executed with root privileges."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en Lantronix EDS5000 2.1.0.0R3. Un atacante autenticado puede inyectar comandos del sistema operativo en el par\u00e1metro 'name' al eliminar credenciales SSL a trav\u00e9s de la interfaz de gesti\u00f3n. Los comandos inyectados se ejecutan con privilegios de root."}], "lastModified": "2026-03-19T20:23:48.770", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lantronix:eds5032_firmware:2.1.0.0:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C529D16-1DCD-4189-8543-F68094F235B8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lantronix:eds5032:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "04B4C755-3690-44B1-900A-71C5BEB4A1C0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lantronix:eds5008_firmware:2.1.0.0:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9E5F912-430B-49D0-8E5A-B50B176DD50D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lantronix:eds5008:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B983DA3B-63DC-4981-A671-66A674234E80"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lantronix:eds5016_firmware:2.1.0.0:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4134547D-338A-4553-AAE7-5A2DFE374A20"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lantronix:eds5016:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "86808903-C99D-4C74-A1D2-3E708B2074D8"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}