{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-67036", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-03-12T14:38:53.579Z", "dateReserved": "2025-12-08T00:00:00.000Z", "datePublished": "2026-03-11T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-11T16:10:47.394Z"}, "descriptions": [{"lang": "en", "value": "An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The Log Info page allows users to see log files by specifying their names. Due to a missing sanitization in the file name parameter, an authenticated attacker can inject arbitrary OS commands that are executed with root privileges."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "http://lantronix.com"}, {"url": "http://eds5000.com"}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-069-02"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-94", "lang": "en", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-12T14:35:16.957313Z", "id": "CVE-2025-67036", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-12T14:38:53.579Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-67036", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-12T14:35:16.957313Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-12T14:35:51.637Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "http://lantronix.com"}, {"url": "http://eds5000.com"}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-069-02"}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The Log Info page allows users to see log files by specifying their names. Due to a missing sanitization in the file name parameter, an authenticated attacker can inject arbitrary OS commands that are executed with root privileges."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-11T16:10:47.394Z"}}}, "cveMetadata": {"cveId": "CVE-2025-67036", "state": "PUBLISHED", "dateUpdated": "2026-03-12T14:38:53.579Z", "dateReserved": "2025-12-08T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-03-11T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lantronix:eds5032_firmware:2.1.0.0:r3:*:*:*:*:*:*", "matchCriteriaId": "7C529D16-1DCD-4189-8543-F68094F235B8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lantronix:eds5032:-:*:*:*:*:*:*:*", "matchCriteriaId": "04B4C755-3690-44B1-900A-71C5BEB4A1C0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lantronix:eds5008_firmware:2.1.0.0:r3:*:*:*:*:*:*", "matchCriteriaId": "C9E5F912-430B-49D0-8E5A-B50B176DD50D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lantronix:eds5008:-:*:*:*:*:*:*:*", "matchCriteriaId": "B983DA3B-63DC-4981-A671-66A674234E80", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lantronix:eds5016_firmware:2.1.0.0:r3:*:*:*:*:*:*", "matchCriteriaId": "4134547D-338A-4553-AAE7-5A2DFE374A20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lantronix:eds5016:-:*:*:*:*:*:*:*", "matchCriteriaId": "86808903-C99D-4C74-A1D2-3E708B2074D8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The Log Info page allows users to see log files by specifying their names. Due to a missing sanitization in the file name parameter, an authenticated attacker can inject arbitrary OS commands that are executed with root privileges."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en Lantronix EDS5000 2.1.0.0R3. La p\u00e1gina Log Info permite a los usuarios ver archivos de registro especificando sus nombres. Debido a una falta de sanitizaci\u00f3n en el par\u00e1metro del nombre de archivo, un atacante autenticado puede inyectar comandos arbitrarios del sistema operativo que se ejecutan con privilegios de root."}], "id": "CVE-2025-67036", "lastModified": "2026-03-19T20:15:11.050", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-11T17:16:51.790", "references": [{"source": "cve@mitre.org", "tags": ["Not Applicable"], "url": "http://eds5000.com"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "http://lantronix.com"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-069-02"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.1.0.0R3"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "eds5000", "vendor": "lantronix"}], "analysis": {"en": {"generated_at": "2026-03-19T21:29:15.281475+00:00", "value": {"mitigation_remediation": ["Apply any available firmware update that addresses the Log Info page sanitization issue. If no patch is available, limit or disable access to the Log Info page for all but essential administrators. As a temporary measure, enforce stricter user privilege controls and monitor for unexpected command execution."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "Affected products include Lantronix EDS5008, EDS5016, and EDS5032 running firmware version 2.1.0.0 r3. The vulnerability manifests on the Log Info page, which requires authentication; therefore, only authenticated users with access to this page can trigger the attack. No other firmware versions are identified as vulnerable in the provided data.", "description_and_impact": "An authenticated attacker can exploit a missing sanitization check in the Log Info page of Lantronix EDS5000 firmware 2.1.0.0 R3, allowing injection of arbitrary OS commands that execute with root privileges. This flaw is a classic example of CWE-94, giving the attacker the ability to run any command on the underlying operating system, fully compromising confidentiality, integrity, and availability of the device.", "risk_and_exploitability": "The CVSS score of 8.8 categorizes this flaw as high severity, while an EPSS score of less than 1% suggests that active exploitation is currently rare. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires legitimate credentials with access to the Log Info page, indicating that the attack vector is internal or local with authenticated privileges. The impact is complete system compromise due to root\u2011level command execution."}}}}, "created": "2026-03-12T10:06:38.815642+00:00", "updated": "2026-03-20T14:33:52.006344+00:00", "vendors": ["lantronix", "lantronix$PRODUCT$eds5000"]}