- Description
- An issue was discovered in Lantronix EDS5000 2.1.0.0R3. An authenticated attacker can inject OS commands into the "name" parameter when deleting SSL credentials through the management interface. Injected commands are executed with root privileges.
- Source
- cve@mitre.org
- NVD status
- Analyzed
- Products
- eds5032_firmware, eds5008_firmware, eds5016_firmware
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-94
- Hype score
- Not currently trending
🚨 HIGH severity CVE-2025-67034 (CVSS 8.8) Lantronix EDS5000 2.1.0.0R3 vulnerable to authenticated OS command injection via SSL credential deletion. Attacker gains root privileges. Patch immediately. #CVE #Vulnerability #PatchNow https://t.co/LfMu59epzB
@DFIR_Lab
23 Jun 2026
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-67034 An issue was discovered in Lantronix EDS5000 2.1.0.0R3. An authenticated attacker can inject OS commands into the "name" parameter when deleting SSL credentials throu… https://t.co/YsE3mFudXD
@CVEnew
15 Mar 2026
198 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lantronix:eds5032_firmware:2.1.0.0r3:*:*:*:*:*:*:*",
"matchCriteriaId": "BFA9E944-25EA-44A8-97EB-EF962EC155EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lantronix:eds5032:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04B4C755-3690-44B1-900A-71C5BEB4A1C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lantronix:eds5008_firmware:2.1.0.0r3:*:*:*:*:*:*:*",
"matchCriteriaId": "CA2F9C4B-D268-4A78-A563-BB0169D2AD28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lantronix:eds5008:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B983DA3B-63DC-4981-A671-66A674234E80",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lantronix:eds5016_firmware:2.1.0.0r3:*:*:*:*:*:*:*",
"matchCriteriaId": "A329F473-DB34-456E-B934-E47DCD7E2573",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lantronix:eds5016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86808903-C99D-4C74-A1D2-3E708B2074D8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
]