CVE-2025-67038 · CRITICAL 9.8 · EPSS percentile 36.9%

CVE-2025-67038

Description

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell command to write a log entry when a user's authentication fails. The username is concatenated directly into that command without any sanitization, so an attacker can inject arbitrary OS commands through the username parameter. Because no authentication is required to trigger the failure path, the injection is reachable pre-auth, and the injected commands run with root privileges.
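The flaw pattern the description names, modelled as an added illustrative example in C. This is not Lantronix code and is not taken from the advisory: the command string, the log path /var/log/rpc_auth.log, the function names and the sample username are all constructed assumptions. It shows the vulnerable shape (a username pasted into a command line that a shell will parse) beside a hardened logger that writes the username as data, never via a shell, and escapes control bytes so it cannot forge extra log lines, plus the metacharacter check a reviewer would grep a firmware image's log paths for.

```c
/* Illustrative model of the CVE-2025-67038 bug class: an auth-failure log
 * entry built into a shell command versus written directly as data.
 * Constructed example, not Lantronix code; all names/paths are assumptions. */
#include <stdio.h>
#include <string.h>

/* VULNERABLE pattern: the username is interpolated into a command string that
 * would be handed to system()/popen(), i.e. to /bin/sh. Returns the command
 * the shell would parse, or NULL if it does not fit. We never execute it. */
const char *vulnerable_command_for(const char *username)
{
    static char cmd[512];
    int n = snprintf(cmd, sizeof cmd,
        "echo \"auth failure for user %s\" >> /var/log/rpc_auth.log", username);
    if (n < 0 || (size_t)n >= sizeof cmd)
        return NULL;
    return cmd;
}

/* Detection/validation check: does the string contain bytes that /bin/sh
 * treats specially? Returns 1 if so. Rejecting such usernames is a stopgap;
 * the real fix below is to not invoke a shell at all. */
int has_shell_metachars(const char *s)
{
    return strpbrk(s, ";|&`$\"'()<>\n\r\\*?{}[]~") != NULL;
}

/* Copy `in` to `out`, rendering control bytes (CR, LF, ...) as \xNN so a
 * username cannot inject a second log line. Returns 0, or -1 if out is small. */
static int escape_for_log(const char *in, char *out, size_t outlen)
{
    size_t o = 0;
    for (const unsigned char *p = (const unsigned char *)in; *p; p++) {
        if (*p >= 0x20 && *p != 0x7f) {
            if (o + 1 >= outlen)
                return -1;
            out[o++] = (char)*p;
        } else {
            if (o + 4 >= outlen)
                return -1;
            o += (size_t)snprintf(out + o, outlen - o, "\\x%02x", *p);
        }
    }
    if (o >= outlen)
        return -1;
    out[o] = '\0';
    return 0;
}

/* HARDENED pattern: the log line is plain data. Returns the exact bytes that
 * would be written, or NULL on failure. No shell is involved anywhere. */
const char *safe_log_line_for(const char *username)
{
    static char line[1024];
    char esc[512];
    if (escape_for_log(username, esc, sizeof esc) != 0)
        return NULL;
    int n = snprintf(line, sizeof line, "auth failure for user %s\n", esc);
    if (n < 0 || (size_t)n >= sizeof line)
        return NULL;
    return line;
}

/* Write the hardened line with stdio instead of spawning a shell.
 * Returns bytes written, or -1 on error. */
int write_auth_failure_safe(FILE *log, const char *username)
{
    const char *line = safe_log_line_for(username);
    if (line == NULL || fputs(line, log) == EOF)
        return -1;
    return (int)strlen(line);
}

int main(void)
{
    /* Constructed sample username that closes the quoted echo and appends
     * its own command; harmless here because nothing is executed. */
    const char *crafted = "x\"; id; echo \"";
    printf("shell would parse : %s\n", vulnerable_command_for(crafted));
    printf("metachars present : %d\n", has_shell_metachars(crafted));
    printf("hardened log line : %s", safe_log_line_for(crafted));
    write_auth_failure_safe(stdout, "bob\nforged line");
    return 0;
}
```

Compiled and run as-is, the first line printed is the command a shell would receive, with `id` now a separate command between the two `echo`s; the hardened line carries the same bytes as inert text, and the newline in the last username is rendered as `\x0a` rather than starting a new log record.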

Scoring

CVSS 3.1: 9.8 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.47% probability of exploitation · percentile 36.9% · 2026-06-18T12:00:27Z
Published: 2026-03-11
Last modified: 2026-03-19

Underlying weaknesses · 1

CWE-94 (as assigned by NVD; the flaw described, a shell command built from an unsanitized username, is OS command injection, for which CWE-78 is the more specific mapping)

References

  1. http://eds5000.com
  2. http://lantronix.com
  3. https://www.cisa.gov/news-events/ics-advisories/icsa-26-069-02

Type     | Target                                                        | Confidence | Tier
Weakness | Improper Control of Generation of Code ('Code Injection'), cwe-94 | 0%     | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  CVE  CVE-2025-67036
  CVE  CVE-2025-67037
  CVE  CVE-2025-67034
  CVE  CVE-2025-67035
  CVE  CVE-2025-67039
  CVE  CVE-2025-67041
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.