← Back
Network Infrastructure
CVE-2025-67038 CISA KEV critical CVSS 9.8

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell...

Summary

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell...

AI summary openai / gpt-4o

A critical vulnerability has been identified in a specific version of Lantronix EDS5000. This issue allows attackers to exploit improperly sanitized usernames logged during authentication failures, executing those as system commands. This flaw could potentially allow attackers to gain unauthorized access and manipulate critical company data. It is strongly advised to update to the latest firmware version. This problem has been reported to CISA and requires high-priority action.
In Lantronix EDS5000 version 2.1.0.0R3, the HTTP RPC module has a vulnerability where the username parameter is not properly sanitized when executing shell commands during authentication failure logging. This allows arbitrary OS commands to be executed with root privileges via the username parameter. The issue affects version 2.1.0.0R3 and can be patched by updating to version 2.2.0.0R1. Detection can be done by grepping specific log entries.
❓ What is the problem
The HTTP RPC module in Lantronix EDS5000 executes unsanitized shell commands by concatenating with the username parameter.
📍 Affected scope
Lantronix EDS5000 firmware version 2.1.0.0R3.
🔥 Severity
Critical (CVSS v3: 9.8), remotely exploitable without authentication.
🔧 How to fix
Upgrade to EDS5000 firmware version 2.2.0.0R1.
🛡️ Workaround
No workaround provided in the material.
🔍 Detection
Inspect log entries for unsanitized command execution.

Related past incidents Similar incidents extracted from past CVEs

Similar OS command injection issue in EDS5000 where commands can be injected into 'name' parameter.
Injection vulnerabilities in SSH Client and Server of EDS5000, allowing root privilege execution.
Log Info page command injection vulnerability in EDS5000 due to unsanitized file name parameter.

If this happens at your company Expected impact per business scenario

📌 エンタープライズネットワーク
ユーザー認証に失敗した際の悪用でネットワークが乗っ取られ、センシティブな情報が流出
📌 産業制御システム
生産ラインの制御に支障をきたし、製品の品質に影響が生じ、設備が不安定になる
📌 政府機関システム
権限外のアクセスにより機密情報が漏洩し、国家安全保障に影響を及ぼす
Recommended action
影響を受ける全てのシステムのファームウェアを最新バージョンにアップデートし、不審なアクセスを監視すること

References

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →