
CVE-2025-67038

Severity: CRITICAL · CVSS 9.8 · KEV · EPSS 1.1%
Hype: ACTIVE HACK · 92 hack

KEV-listed, CISA active exploitation warning, coordinated defender response underway.

What: Lantronix EDS5000 2.1.0.0R3 HTTP RPC module executes unsanitized OS commands from the username parameter during failed authentication, allowing unauthenticated command injection as root (CVSS 9.8).

Why it matters: KEV-listed as of 2026-06-23 with confirmed active exploitation. CISA has issued urgent patching directive with federal agency deadline of 2026-06-26. Serial-to-IP converters are critical OT/ICS infrastructure; compromised devices enable lateral movement and network takeover.

Where it's seen: Coordinated alerts across Bluesky and X from CISA, threat intelligence platforms (ZoomEye, TRC), and vulnerability tracking services. Posts emphasize imminent deadline and root-level access implications. No public PoC posted yet, but active exploitation reported.

RISK: CRITICAL — Unauthenticated root RCE in OT infrastructure, KEV-listed, active exploitation confirmed, federal deadline urgent.

Generated by claude-haiku-4-5 from public posts and authoritative metadata. AI can make mistakes — verify against vendor advisories before acting. 6/25/2026, 5:09:32 PM

Description

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell command to write logs when a user's authentication fails. The username is directly concatenated with the command without any sanitization. This allows attackers to inject arbitrary OS commands into the username parameter. Injected commands are executed with root privileges.
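As an added illustration of the bug class described above (not Lantronix's code; the device's actual command line and log path are not on this page, so the `logger` invocation below is an assumption), the vulnerable pattern of pasting the username into a shell command is shown beside a hardened form that never involves a shell and rejects anything outside a strict allowlist:

```c
/* Constructed illustration of the CVE-2025-67038 bug class; not vendor code. */
#include <stdio.h>
#include <string.h>
#include <ctype.h>

/* VULNERABLE PATTERN: the raw username is interpolated into a command line
 * that the caller would hand to system(). Anything the shell treats as a
 * metacharacter in the username is interpreted by /bin/sh, as root if the
 * HTTP daemon runs as root. The "logger" command is an assumed stand-in. */
int build_failed_auth_cmd_unsafe(const char *username, char *out, size_t outlen) {
    int n = snprintf(out, outlen, "logger -t rpc auth failed for %s", username);
    return (n >= 0 && (size_t)n < outlen) ? 0 : -1;
    /* caller: system(out);  <- never with attacker-controlled input */
}

/* Allowlist check: only characters a legitimate account name needs. */
int username_is_safe(const char *username) {
    size_t len = strlen(username);
    if (len == 0 || len > 64) return 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)username[i];
        if (!(isalnum(c) || c == '_' || c == '-' || c == '.' || c == '@')) return 0;
    }
    return 1;
}

/* HARDENED: format the log line with stdio into a caller buffer, no shell at
 * all. Returns 1 if the username was logged verbatim, 0 if it was rejected
 * and masked (the failure is still recorded for detection purposes). */
int format_failed_auth_line(const char *username, char *out, size_t outlen) {
    if (!username_is_safe(username)) {
        snprintf(out, outlen, "auth failed for <rejected username>\n");
        return 0;
    }
    snprintf(out, outlen, "auth failed for %s\n", username);
    return 1;
}

/* Append the formatted line directly to the log file; still no shell. */
int append_log_line(const char *path, const char *line) {
    FILE *f = fopen(path, "a");
    if (!f) return -1;
    fputs(line, f);
    return fclose(f) == 0 ? 0 : -1;
}

int main(void) {
    char line[128];
    int ok = format_failed_auth_line("not;a;name", line, sizeof line);
    printf("logged verbatim=%d line=%s", ok, line);
    return 0;
}
```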

CVSS 3.1 breakdown

Base score 9.8 · Exploitability 3.9 · Impact 5.9
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  • Attack vector: Network
  • Attack complexity: Low
  • Privileges required: None
  • User interaction: None
  • Scope: Unchanged
  • Confidentiality: High
  • Integrity: High
  • Availability: High

Affected versions

  • lantronix/eds5032_firmware
    • 2.1.0.0r3
  • lantronix/eds5008_firmware
    • 2.1.0.0r3
  • lantronix/eds5016_firmware
    • 2.1.0.0r3

Weaknesses

Vendors

  • lantronix

Products

  • eds5032_firmware
  • eds5032
  • eds5008_firmware
  • eds5008
  • eds5016_firmware
  • eds5016