CVE-2025-67036 - Vulnerability Details

Description

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The Log Info page allows users to see log files by specifying their names. Due to a missing sanitization in the file name parameter, an authenticated attacker can inject arbitrary OS commands that are executed with root privileges.

Published: 2026-03-11

Score: 8.8 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

An authenticated attacker can exploit a missing sanitization check in the Log Info page of Lantronix EDS5000 firmware 2.1.0.0 R3, allowing injection of arbitrary OS commands that execute with root privileges. This flaw is a classic example of CWE-94, giving the attacker the ability to run any command on the underlying operating system, fully compromising confidentiality, integrity, and availability of the device.

Affected Systems

Affected products include Lantronix EDS5008, EDS5016, and EDS5032 running firmware version 2.1.0.0 r3. The vulnerability manifests on the Log Info page, which requires authentication; therefore, only authenticated users with access to this page can trigger the attack. No other firmware versions are identified as vulnerable in the provided data.

Risk and Exploitability

The CVSS score of 8.8 categorizes this flaw as high severity, while an EPSS score of less than 1% suggests that active exploitation is currently rare. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires legitimate credentials with access to the Log Info page, indicating that the attack vector is internal or local with authenticated privileges. The impact is complete system compromise due to root‑level command execution.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

affected

Version	Status	Constraints
`n/a`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:lantronix:eds5032_firmware:2.1.0.0:r3:*:*:*:*:*:*

cpe:2.3:h:lantronix:eds5032:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:lantronix:eds5008_firmware:2.1.0.0:r3:*:*:*:*:*:*

cpe:2.3:h:lantronix:eds5008:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:lantronix:eds5016_firmware:2.1.0.0:r3:*:*:*:*:*:*

cpe:2.3:h:lantronix:eds5016:-:*:*:*:*:*:*:*

No data.

Vendor Product Confidence Versions

Lantronix

Eds5000

80%

Version	Status	Scheme	Platform
`2.1.0.0R3`	affected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply any available firmware update that addresses the Log Info page sanitization issue. If no patch is available, limit or disable access to the Log Info page for all but essential administrators. As a temporary measure, enforce stricter user privilege controls and monitor for unexpected command execution.

Generated by OpenCVE AI on March 19, 2026 at 21:29 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00045.

Exploitation none

Automatable no

Technical Impact total

References

Link	Providers
http://eds5000.com
http://lantronix.com
https://www.cisa.gov/news-events/ics-advisories/icsa-26-069-02

History

Thu, 19 Mar 2026 20:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Lantronix eds5008 Lantronix eds5008 Firmware Lantronix eds5016 Lantronix eds5016 Firmware Lantronix eds5032 Lantronix eds5032 Firmware
CPEs		cpe:2.3:h:lantronix:eds5008:-:::::::* cpe:2.3:h:lantronix:eds5016:-:::::::* cpe:2.3:h:lantronix:eds5032:-:::::::* cpe:2.3:o:lantronix:eds5008_firmware:2.1.0.0:r3:::::: cpe:2.3:o:lantronix:eds5016_firmware:2.1.0.0:r3:::::: cpe:2.3:o:lantronix:eds5032_firmware:2.1.0.0:r3::::::
Vendors & Products		Lantronix eds5008 Lantronix eds5008 Firmware Lantronix eds5016 Lantronix eds5016 Firmware Lantronix eds5032 Lantronix eds5032 Firmware

Thu, 12 Mar 2026 15:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-94
Metrics		cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Thu, 12 Mar 2026 10:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Lantronix Lantronix eds5000
Vendors & Products		Lantronix Lantronix eds5000

Wed, 11 Mar 2026 16:30:00 +0000

Type	Values Removed	Values Added
Description		An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The Log Info page allows users to see log files by specifying their names. Due to a missing sanitization in the file name parameter, an authenticated attacker can inject arbitrary OS commands that are executed with root privileges.
References		http://eds5000.com http://lantronix.com https://www.cisa.gov/news-events/ics-advisories/icsa-26-069-02

Subscriptions

Lantronix Eds5000 Eds5008 Eds5008 Firmware Eds5016 Eds5016 Firmware Eds5032 Eds5032 Firmware

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2026-03-11T00:00:00.000Z

Updated: 2026-03-12T14:38:53.579Z

Reserved: 2025-12-08T00:00:00.000Z

Link: CVE-2025-67036

Vulnrichment

Updated: 2026-03-12T14:35:51.637Z

NVD

Status : Analyzed

Published: 2026-03-11T17:16:51.790

Modified: 2026-03-19T20:15:11.050

Link: CVE-2025-67036

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-20T14:33:52Z

Weaknesses

CWE-94

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object