HIGHVulnerability
Verified
Global

CISA KEV: Lantronix EDS5000 — Lantronix EDS5000 Code Injection Vulnerability

·Source: CISA KEV

Updated:

Executive Summary

Lantronix EDS5000 contains a code injection vulnerability that could allow attackers to inject arbitrary OS commands into the username parameter. Injected commands are executed with root privileges.

Analysis

Lantronix EDS5000 contains a code injection vulnerability that could allow attackers to inject arbitrary OS commands into the username parameter. Injected commands are executed with root privileges. Added to CISA Known Exploited Vulnerabilities catalog on 2026-06-23. Remediation due: 2026-06-26.

Indicators of Compromise (1)

CVE (1)
CVE-2025-67038
Source Attribution

Originally published by CISA KEV on Jun 23, 2026. Verified by: CISA.

Related Threats