Description
An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The authentication on management pages can be bypassed by appending a specific suffix to the URL and by sending an Authorization header that uses "admin" as the username.
Published: 2026-03-11
Score: 9.1 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Authentication Bypass
Action: Patch
AI Analysis

Impact

The vulnerability is an authentication bypass on the management pages of Lantronix EDS3000PS devices running firmware 3.1.0.0R2. An unauthenticated attacker who can reach the web management interface appends a specific suffix (not disclosed in the CVE text) to a management URL and sends an Authorization header whose username is "admin"; the device then serves the page without valid credentials. This exposes the device's management functions, allowing configuration changes and disclosure of device data. The published CVSS vector rates confidentiality and integrity impact as High and availability impact as None, so denial of service is not part of the scored impact. The weakness is classified as CWE-288: Authentication Bypass Using an Alternate Path or Channel.

Affected Systems

The affected system named in the CVE description is Lantronix EDS3000PS firmware 3.1.0.0R2. The CPE strings attached to the record also list the hardware models EDS3008PS1NS and EDS3016PS1NS with firmware 3.1.0.0 R2, so those models should be treated as vulnerable. No other firmware versions are mentioned in the available data; whether earlier or later releases are affected is not stated.

Risk and Exploitability

The CVSS 3.1 base score of 9.1 (Critical) comes from the vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N: reachable over the network, low attack complexity, no privileges and no user interaction required, with high confidentiality and integrity impact and no availability impact. The EPSS score of <1% indicates a low estimated probability of exploitation at the time of reporting, and the vulnerability is not listed in the CISA KEV catalog; the SSVC assessment nevertheless marks it as automatable with total technical impact. The attack vector is the device's HTTP/HTTPS management interface: an attacker who knows the URL suffix needs only an HTTP client that sets the Authorization header with username "admin". The CVE text specifies only the username, so the bypass should be assumed not to depend on knowing the admin password. Successful exploitation grants administrative access to the management pages without valid credentials.

Generated by OpenCVE AI on March 19, 2026 at 21:54 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Check Lantronix’s website or support portal for a firmware update that patches the authentication bypass on EDS3000PS devices.
  • Restrict network access to the device’s management interface to a trusted IP range or VPN only.
  • Disable or change the default "admin" credentials and use strong, unique passwords. Note that the bypass as described keys on the username alone, so a stronger admin password is baseline hygiene rather than a mitigation for this CVE.
  • If available, enable multi‑factor authentication on the management interface.
  • Configure the device firewall or upstream firewall to block unauthorized traffic to the management ports and monitor access logs for suspicious activity.
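To support the last two actions (restricting management access to a trusted range and monitoring access logs), here is an added example that is not part of the OpenCVE page or of any Lantronix tooling. It scans access-log lines captured in front of the device, for instance from a reverse proxy or sensor that records the Authorization header, and flags requests that carry the username "admin" in a Basic or Digest Authorization header from a source outside the trusted range, marking the ones the device answered with a 2xx. The log format, the trusted range 10.0.5.0/24, the request paths and every sample line are constructed assumptions. It goes slightly beyond the CVE text by handling Digest as well as Basic, since the description does not name the scheme; the URL suffix is not published, so the check keys on the username and source address rather than on the path.

```python
import base64
import ipaddress
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional

# Assumed: only the management VLAN may reach the device web UI.
TRUSTED_NETS = [ipaddress.ip_network("10.0.5.0/24")]

# Assumed log format: Combined Log Format with the Authorization header value
# appended as one extra quoted field (e.g. an nginx log_format ending in
# "$http_authorization"). Quote characters inside the header are not handled.
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<auth>[^"]*)"$'
)


@dataclass
class Finding:
    ts: str
    src: str
    path: str
    status: int
    user: str
    succeeded: bool  # device answered 2xx, i.e. the page was served


def auth_username(header: str) -> Optional[str]:
    """Username carried by an Authorization header value, or None.

    Basic is base64("user:password"), so the username is the text before the
    first colon; Digest carries a quoted username="..." parameter. Schemes
    without a username (Bearer etc.) are ignored.
    """
    scheme, _, rest = header.partition(" ")
    scheme = scheme.lower()
    if scheme == "basic":
        try:
            decoded = base64.b64decode(rest.strip(), validate=True)
        except ValueError:  # binascii.Error is a ValueError subclass
            return None
        return decoded.decode("utf-8", "replace").partition(":")[0]
    if scheme == "digest":
        m = re.search(r'username="([^"]*)"', rest)
        return m.group(1) if m else None
    return None


def is_trusted(src: str, nets=TRUSTED_NETS) -> bool:
    """True if the source address lies inside an allowlisted range."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False
    return any(addr in net for net in nets)


def scan(lines: Iterable[str], nets=TRUSTED_NETS) -> List[Finding]:
    """One Finding per request presenting user "admin" from an untrusted source.

    Every such request is reported, not only the successful ones, because the
    CVE text does not say the password is checked at all.
    """
    findings: List[Finding] = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line; a production detector would count these
        user = auth_username(m["auth"])
        if user is None or user.lower() != "admin" or is_trusted(m["src"], nets):
            continue
        status = int(m["status"])
        findings.append(Finding(m["ts"], m["src"], m["path"], status, user,
                                200 <= status < 300))
    return findings


def _basic(user: str, password: str) -> str:
    """Build a Basic header value for the constructed sample lines."""
    return "Basic " + base64.b64encode(f"{user}:{password}".encode()).decode()


# Constructed sample lines (not real device logs); the paths are placeholders.
SAMPLE_LOGS = [
    # legitimate admin session from the trusted management VLAN
    f'10.0.5.20 - - [19/Mar/2026:21:50:12 +0000] "GET /secure/status.html HTTP/1.1" '
    f'200 1432 "{_basic("admin", "correct-horse")}"',
    # "admin" with an empty password from an untrusted host, answered 200
    f'198.51.100.7 - - [19/Mar/2026:21:54:03 +0000] "GET /secure/status.html HTTP/1.1" '
    f'200 1432 "{_basic("admin", "")}"',
    # non-admin user from the same host, rejected
    f'198.51.100.7 - - [19/Mar/2026:21:54:09 +0000] "GET /secure/status.html HTTP/1.1" '
    f'401 0 "{_basic("operator", "x")}"',
    # unauthenticated probe, no Authorization header
    '203.0.113.9 - - [19/Mar/2026:21:55:00 +0000] "GET /secure/status.html HTTP/1.1" 401 0 "-"',
]


if __name__ == "__main__":
    for f in scan(SAMPLE_LOGS):
        flag = "SUCCEEDED" if f.succeeded else "rejected"
        print(f"{f.ts} {f.src} -> {f.path} user={f.user} status={f.status} {flag}")
```

Run against the sample lines it reports only the second one (admin from 198.51.100.7, status 200); the trusted admin session and the rejected operator login stay quiet. Feeding it a real capture requires adjusting LOG_RE to the format your proxy or sensor actually writes.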

Advisories

No advisories yet.

History

Each entry lists the record fields that changed at that time. No values were removed in any of these updates, so everything shown is an addition.

Fri, 20 Mar 2026 14:45:00 +0000

  Title: Authentication Bypass on Lantronix EDS3000PS 3.1.0.0R2 Firmware

Thu, 19 Mar 2026 20:15:00 +0000

  First Time appeared:
    Lantronix eds3008ps1ns
    Lantronix eds3008ps1ns Firmware
    Lantronix eds3016ps1ns
    Lantronix eds3016ps1ns Firmware
  CPEs:
    cpe:2.3:h:lantronix:eds3008ps1ns:-:*:*:*:*:*:*:*
    cpe:2.3:h:lantronix:eds3016ps1ns:-:*:*:*:*:*:*:*
    cpe:2.3:o:lantronix:eds3008ps1ns_firmware:3.1.0.0:r2:*:*:*:*:*:*
    cpe:2.3:o:lantronix:eds3016ps1ns_firmware:3.1.0.0:r2:*:*:*:*:*:*
  Vendors & Products:
    Lantronix eds3008ps1ns
    Lantronix eds3008ps1ns Firmware
    Lantronix eds3016ps1ns
    Lantronix eds3016ps1ns Firmware

Thu, 12 Mar 2026 16:15:00 +0000

  Weaknesses: CWE-288
  Metrics:
    cvssV3_1: score 9.1, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
    ssvc (version 2.0.3): Automatable = yes, Exploitation = none, Technical Impact = total

Thu, 12 Mar 2026 10:15:00 +0000

  First Time appeared:
    Lantronix
    Lantronix eds3000ps
  Vendors & Products:
    Lantronix
    Lantronix eds3000ps

Wed, 11 Mar 2026 16:30:00 +0000

  Description: An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The authentication on management pages can be bypassed by appending a specific suffix to the URL and by sending an Authorization header that uses "admin" as the username.
  References:

MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-03-12T16:09:15.255Z

Reserved: 2025-12-08T00:00:00.000Z

Link: CVE-2025-67039

Vulnrichment

Updated: 2026-03-12T16:08:01.529Z

NVD

Status : Analyzed

Published: 2026-03-11T17:16:52.117

Modified: 2026-03-19T20:11:05.753

Link: CVE-2025-67039

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-20T14:33:49Z

Weaknesses