CVE-2025-67038
CVE-2025-67038
In short
The Lantronix EDS5000 device allows attackers to run arbitrary commands as root by injecting malicious code into the username field during login attempts. An attacker can gain complete control of the device without needing valid credentials.
Technical detail
CWE-94 (Improper Control of Generation of Code) via OS command injection in the HTTP RPC module's log-writing mechanism. The username parameter is concatenated unsanitized into a shell command executed during failed authentication, allowing unauthenticated remote code execution with root privileges. No special conditions are required beyond network access to the HTTP interface.
Summary generated and translated by AI from the official description.
An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell command to write logs when user's authantication fails. The username is directly concatenated with the command without any sanitization. This allow attackers to inject arbitrary OS commands into the username parameter. Injected commands are executed with root privileges.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →