HIGHVulnerability
Verified
Global
CISA KEV: Lantronix EDS5000 — Lantronix EDS5000 Code Injection Vulnerability
·Source: CISA KEV
Updated:
Executive Summary
Lantronix EDS5000 contains a code injection vulnerability that could allow attackers to inject arbitrary OS commands into the username parameter. Injected commands are executed with root privileges.
Analysis
Lantronix EDS5000 contains a code injection vulnerability that could allow attackers to inject arbitrary OS commands into the username parameter. Injected commands are executed with root privileges. Added to CISA Known Exploited Vulnerabilities catalog on 2026-06-23. Remediation due: 2026-06-26.