Description
An issue was discovered in Lantronix EDS5000 2.1.0.0R3. An authenticated attacker can inject OS commands into the "name" parameter when deleting SSL credentials through the management interface. Injected commands are executed with root privileges.
Published: 2026-03-11
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Authenticated Root Command Execution
Action: Immediate Patch
AI Analysis

Impact

An authenticated OS command injection vulnerability exists in the Lantronix EDS series firmware, specifically during the deletion of SSL credentials via the management interface. The flaw arises from improper validation of the "name" parameter, allowing an attacker to inject arbitrary operating system commands. The injected commands are executed with root privileges, giving full control over the device. This vulnerability is classified as CWE-94 – Improper Constraint on Regular Expression or similar Input Validation, leading to remote command execution that can compromise confidentiality, integrity, and availability of the affected system.

Affected Systems

Affected products include Lantronix EDS5008, EDS5016, and EDS5032 devices running firmware versions 2.1.0.0 r3. The specific CPE identifiers are: cpe:2.3:o:lantronix:eds5008_firmware:2.1.0.0:r3, cpe:2.3:o:lantronix:eds5016_firmware:2.1.0.0:r3, and cpe:2.3:o:lantronix:eds5032_firmware:2.1.0.0:r3. Hardware models listed are cpe:2.3:h:lantronix:eds5008, cpe:2.3:h:lantronix:eds5016, and cpe:2.3:h:lantronix:eds5032.

Risk and Exploitability

The vulnerability has a CVSS score of 8.8, indicating high severity, yet the EPSS score is less than 1%, suggesting a low current exploitation probability. It is not listed in CISA’s KEV catalog. Exploitation requires valid authentication to the management interface, indicating an insider or credential-compromised attack scenario. Successful exploitation would enable an attacker to gain root-level access and potentially disrupt or exfiltrate data from the device.

Generated by OpenCVE AI on March 19, 2026 at 21:29 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest firmware update that resolves the command injection flaw.
  • Restrict management interface access to trusted IP addresses or subnets.
  • Disable or limit the SSL credential deletion feature if not required.
  • Monitor system logs for anomalous command execution or unauthorized credential deletion attempts.
  • Follow vendor advisories and patch promptly when additional mitigations become available.

Generated by OpenCVE AI on March 19, 2026 at 21:29 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 20 Mar 2026 14:45:00 +0000

Type Values Removed Values Added
Title Authenticated OS Command Injection via SSL Credential Deletion in Lantronix EDS5000 Firmware 2.1.0.0R3

Thu, 19 Mar 2026 20:30:00 +0000

Type Values Removed Values Added
First Time appeared Lantronix eds5008
Lantronix eds5008 Firmware
Lantronix eds5016
Lantronix eds5016 Firmware
Lantronix eds5032
Lantronix eds5032 Firmware
CPEs cpe:2.3:h:lantronix:eds5008:-:*:*:*:*:*:*:*
cpe:2.3:h:lantronix:eds5016:-:*:*:*:*:*:*:*
cpe:2.3:h:lantronix:eds5032:-:*:*:*:*:*:*:*
cpe:2.3:o:lantronix:eds5008_firmware:2.1.0.0:r3:*:*:*:*:*:*
cpe:2.3:o:lantronix:eds5016_firmware:2.1.0.0:r3:*:*:*:*:*:*
cpe:2.3:o:lantronix:eds5032_firmware:2.1.0.0:r3:*:*:*:*:*:*
Vendors & Products Lantronix eds5008
Lantronix eds5008 Firmware
Lantronix eds5016
Lantronix eds5016 Firmware
Lantronix eds5032
Lantronix eds5032 Firmware

Fri, 13 Mar 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 12 Mar 2026 15:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-94
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Thu, 12 Mar 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared Lantronix
Lantronix eds5000
Vendors & Products Lantronix
Lantronix eds5000

Wed, 11 Mar 2026 16:30:00 +0000

Type Values Removed Values Added
Description An issue was discovered in Lantronix EDS5000 2.1.0.0R3. An authenticated attacker can inject OS commands into the "name" parameter when deleting SSL credentials through the management interface. Injected commands are executed with root privileges.
References

Subscriptions

Lantronix Eds5000 Eds5008 Eds5008 Firmware Eds5016 Eds5016 Firmware Eds5032 Eds5032 Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-03-12T14:31:58.900Z

Reserved: 2025-12-08T00:00:00.000Z

Link: CVE-2025-67034

cve-icon Vulnrichment

Updated: 2026-03-12T14:31:53.165Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-11T17:16:50.393

Modified: 2026-03-19T20:23:48.770

Link: CVE-2025-67034

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-20T14:33:53Z

Weaknesses