4 matches found
CVE-2025-4338 Lantronix Device Installer Improper Restriction of XML External Entity Reference
Lantronix Device installer is vulnerable to XML external entity XXE attacks in configuration files read from the network device. An attacker could obtain credentials, access these network devices, and modify their configurations. An attacker may also gain access to the host running the Device...
CVE-2025-4338 Lantronix Device Installer Improper Restriction of XML External Entity Reference
Lantronix Device installer is vulnerable to XML external entity XXE attacks in configuration files read from the network device. An attacker could obtain credentials, access these network devices, and modify their configurations. An attacker may also gain access to the host running the Device...
Lantronix Device installer 代码问题漏洞
Lantronix Device installer is a device installer from Lantronix USA. A code issue vulnerability exists in Lantronix Device installer version 4.4.0.7 and prior versions, which stems from an XML external entity attack in a configuration file that could lead to credential disclosure and configuratio...
PT-2025-22568 · Lantronix · Lantronix Device Installer
Name of the Vulnerable Software and Affected Versions: Lantronix Device installer affected versions not specified Description: The issue concerns XML external entity XXE attacks in configuration files read from the network device. An attacker could obtain credentials, access these network devices...