{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-67034", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-03-12T14:31:58.900Z", "dateReserved": "2025-12-08T00:00:00.000Z", "datePublished": "2026-03-11T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-11T16:08:35.626Z"}, "descriptions": [{"lang": "en", "value": "An issue was discovered in Lantronix EDS5000 2.1.0.0R3. An authenticated attacker can inject OS commands into the \"name\" parameter when deleting SSL credentials through the management interface. Injected commands are executed with root privileges."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "http://lantronix.com"}, {"url": "http://eds5000.com"}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-069-02"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-94", "lang": "en", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-12T14:29:32.430814Z", "id": "CVE-2025-67034", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-12T14:31:58.900Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-67034", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-12T14:29:32.430814Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-12T14:31:53.165Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "http://lantronix.com"}, {"url": "http://eds5000.com"}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-069-02"}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Lantronix EDS5000 2.1.0.0R3. An authenticated attacker can inject OS commands into the \"name\" parameter when deleting SSL credentials through the management interface. Injected commands are executed with root privileges."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-11T16:08:35.626Z"}}}, "cveMetadata": {"cveId": "CVE-2025-67034", "state": "PUBLISHED", "dateUpdated": "2026-03-12T14:31:58.900Z", "dateReserved": "2025-12-08T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-03-11T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lantronix:eds5032_firmware:2.1.0.0:r3:*:*:*:*:*:*", "matchCriteriaId": "7C529D16-1DCD-4189-8543-F68094F235B8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lantronix:eds5032:-:*:*:*:*:*:*:*", "matchCriteriaId": "04B4C755-3690-44B1-900A-71C5BEB4A1C0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lantronix:eds5008_firmware:2.1.0.0:r3:*:*:*:*:*:*", "matchCriteriaId": "C9E5F912-430B-49D0-8E5A-B50B176DD50D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lantronix:eds5008:-:*:*:*:*:*:*:*", "matchCriteriaId": "B983DA3B-63DC-4981-A671-66A674234E80", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lantronix:eds5016_firmware:2.1.0.0:r3:*:*:*:*:*:*", "matchCriteriaId": "4134547D-338A-4553-AAE7-5A2DFE374A20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lantronix:eds5016:-:*:*:*:*:*:*:*", "matchCriteriaId": "86808903-C99D-4C74-A1D2-3E708B2074D8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue was discovered in Lantronix EDS5000 2.1.0.0R3. An authenticated attacker can inject OS commands into the \"name\" parameter when deleting SSL credentials through the management interface. Injected commands are executed with root privileges."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en Lantronix EDS5000 2.1.0.0R3. Un atacante autenticado puede inyectar comandos del sistema operativo en el par\u00e1metro 'name' al eliminar credenciales SSL a trav\u00e9s de la interfaz de gesti\u00f3n. Los comandos inyectados se ejecutan con privilegios de root."}], "id": "CVE-2025-67034", "lastModified": "2026-03-19T20:23:48.770", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-11T17:16:50.393", "references": [{"source": "cve@mitre.org", "tags": ["Not Applicable"], "url": "http://eds5000.com"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "http://lantronix.com"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-069-02"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.1.0.0R3"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "eds5000", "vendor": "lantronix"}], "analysis": {"en": {"generated_at": "2026-03-19T21:29:56.515108+00:00", "value": {"mitigation_remediation": ["Apply the latest firmware update that resolves the command injection flaw.", "Restrict management interface access to trusted IP addresses or subnets.", "Disable or limit the SSL credential deletion feature if not required.", "Monitor system logs for anomalous command execution or unauthorized credential deletion attempts.", "Follow vendor advisories and patch promptly when additional mitigations become available."], "summary": {"action": "Immediate Patch", "impact": "Authenticated Root Command Execution"}, "threat_synthesis": {"affected_systems": "Affected products include Lantronix EDS5008, EDS5016, and EDS5032 devices running firmware versions 2.1.0.0 r3. The specific CPE identifiers are: cpe:2.3:o:lantronix:eds5008_firmware:2.1.0.0:r3, cpe:2.3:o:lantronix:eds5016_firmware:2.1.0.0:r3, and cpe:2.3:o:lantronix:eds5032_firmware:2.1.0.0:r3. Hardware models listed are cpe:2.3:h:lantronix:eds5008, cpe:2.3:h:lantronix:eds5016, and cpe:2.3:h:lantronix:eds5032.", "description_and_impact": "An authenticated OS command injection vulnerability exists in the Lantronix EDS series firmware, specifically during the deletion of SSL credentials via the management interface. The flaw arises from improper validation of the \"name\" parameter, allowing an attacker to inject arbitrary operating system commands. The injected commands are executed with root privileges, giving full control over the device. This vulnerability is classified as CWE-94 \u2013 Improper Constraint on Regular Expression or similar Input Validation, leading to remote command execution that can compromise confidentiality, integrity, and availability of the affected system.", "risk_and_exploitability": "The vulnerability has a CVSS score of 8.8, indicating high severity, yet the EPSS score is less than 1%, suggesting a low current exploitation probability. It is not listed in CISA\u2019s KEV catalog. Exploitation requires valid authentication to the management interface, indicating an insider or credential-compromised attack scenario. Successful exploitation would enable an attacker to gain root-level access and potentially disrupt or exfiltrate data from the device."}}}}, "created": "2026-03-12T10:06:40.889463+00:00", "title": "Authenticated OS Command Injection via SSL Credential Deletion in Lantronix EDS5000 Firmware 2.1.0.0R3", "updated": "2026-03-20T14:33:53.778820+00:00", "vendors": ["lantronix", "lantronix$PRODUCT$eds5000"]}