CVE-2025-70082

Critical CVSS: 9.8

An issue in Lantronix EDS3000PS v.3.1.0.0R2 allows an attacker to execute arbitrary code and obtain sensitive information via the ltrx_evo component

Vendor

Product

CWE

Yayın Tarihi

2026-03-11 17:16:53

Güncelleme

2026-03-19 20:08:50

Source Identifier

cve@mitre.org

KEV Date Added

CWE-78 Eds3016ps1ns Firmware CRITICAL Lantronix 2026

http://eds3000ps.com http://lantronix.com https://www.cisa.gov/news-events/ics-advisories/icsa-26-069-02

Critical

CVE-2025-67038

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell command to write logs when…

Critical

CVE-2025-67039

An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The authentication on management pages can be bypassed by appe…

Critical

CVE-2025-67041

An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The host parameter of the TFTP client in the Filesystem Browse…

Critical

CVE-2025-67035

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The SSH Client and SSH Server pages are affected by multiple OS…

High

CVE-2025-67036

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The Log Info page allows users to see log files by specifying th…

High

CVE-2025-67037

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. An authenticated attacker can inject OS commands into the "tunne…