23 matches found
CVE-2025-70082
An issue in Lantronix EDS3000PS v.3.1.0.0R2 allows an attacker to execute arbitrary code and obtain sensitive information via the ltrxevo component...
CVE-2025-67041
An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The host parameter of the TFTP client in the Filesystem Browser page is not properly sanitized. This can be exploited to escape from the original command and execute an arbitrary one with root privileges...
CVE-2025-67039
An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The authentication on management pages can be bypassed by appending a specific suffix to the URL and by sending an Authorization header that uses "admin" as the username...
EUVD-2025-208589
An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The authentication on management pages can be bypassed by appending a specific suffix to the URL and by sending an Authorization header that uses "admin" as the username...
EUVD-2025-208595
An issue in Lantronix EDS3000PS v.3.1.0.0R2 allows an attacker to execute arbitrary code and obtain sensitive information via the ltrxevo component...
CVE-2025-70082
An issue in Lantronix EDS3000PS v.3.1.0.0R2 allows an attacker to execute arbitrary code and obtain sensitive information via the ltrxevo component...
CVE-2025-67041
An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The host parameter of the TFTP client in the Filesystem Browser page is not properly sanitized. This can be exploited to escape from the original command and execute an arbitrary one with root privileges...
CVE-2025-67039
An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The authentication on management pages can be bypassed by appending a specific suffix to the URL and by sending an Authorization header that uses "admin" as the username...
CVE-2025-67041
An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The host parameter of the TFTP client in the Filesystem Browser page is not properly sanitized. This can be exploited to escape from the original command and execute an arbitrary one with root privileges...
CVE-2025-67039
An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The authentication on management pages can be bypassed by appending a specific suffix to the URL and by sending an Authorization header that uses "admin" as the username...
CVE-2025-70082
An issue in Lantronix EDS3000PS v.3.1.0.0R2 allows an attacker to execute arbitrary code and obtain sensitive information via the ltrxevo component...
CVE-2025-67039
An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The authentication on management pages can be bypassed by appending a specific suffix to the URL and by sending an Authorization header that uses "admin" as the username...
CVE-2025-67041
CVE-2025-67041 affects Lantronix EDS3000PS (3.1.0.0R2). The host parameter of the TFTP client in the Filesystem Browser page is not properly sanitized, enabling an attacker to escape the original command and execute arbitrary commands with root privileges. The vulnerability is rated CVSS v3.1 bas...
CVE-2025-67041
An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The host parameter of the TFTP client in the Filesystem Browser page is not properly sanitized. This can be exploited to escape from the original command and execute an arbitrary one with root privileges...
CVE-2025-70082
An issue in Lantronix EDS3000PS v.3.1.0.0R2 allows an attacker to execute arbitrary code and obtain sensitive information via the ltrxevo component...
CVE-2025-67041
An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The host parameter of the TFTP client in the Filesystem Browser page is not properly sanitized. This can be exploited to escape from the original command and execute an arbitrary one with root privileges...
CVE-2025-70082
An issue in Lantronix EDS3000PS v.3.1.0.0R2 allows an attacker to execute arbitrary code and obtain sensitive information via the ltrxevo component...
Lantronix EDS3000PS 安全漏洞
Lantronix EDS3000PS is a serial device server developed by the American company Lantronix. The Lantronix EDS3000PS version 3.1.0.0R2 contains a security vulnerability. This vulnerability stems from the possibility of bypassing authentication on the management page, allowing attackers to circumven...
CVE-2025-67039
CVE-2025-67039 affects Lantronix EDS3000PS (v3.1.0.0R2). Authentication on management pages can be bypassed by appending a URL suffix and by sending an Authorization header with username “admin,” enabling potential unauthorized access over the network. Related disclosures group this under BRIDGE:...
PT-2026-24725
🔴 CVE-2025-70082 - Critical An issue in Lantronix EDS3000PS v.3.1.0.0R2 allows an attacker to execute arbitrary code and obtain sensitive information via the ltrx evo component https://t.co/N5z4YEHeeB https://t.co/GkGvM2OIgj...