6 matches found
EUVD-2025-208591
An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The host parameter of the TFTP client in the Filesystem Browser page is not properly sanitized. This can be exploited to escape from the original command and execute an arbitrary one with root privileges...
CVE-2025-67041
An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The host parameter of the TFTP client in the Filesystem Browser page is not properly sanitized. This can be exploited to escape from the original command and execute an arbitrary one with root privileges...
CVE-2025-67041
An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The host parameter of the TFTP client in the Filesystem Browser page is not properly sanitized. This can be exploited to escape from the original command and execute an arbitrary one with root privileges...
Lantronix EDS3000PS 安全漏洞
Lantronix EDS3000PS is a serial port device server developed by the American company Lantronix. The Lantronix EDS3000PS version 3.1.0.0R2 contains a security vulnerability. This vulnerability stems from improper handling of the TFTP client host parameters on the Filesystem Browser page, which cou...
CVE-2025-67041
CVE-2025-67041 affects Lantronix EDS3000PS (3.1.0.0R2). The host parameter of the TFTP client in the Filesystem Browser page is not properly sanitized, enabling an attacker to escape the original command and execute arbitrary commands with root privileges. The vulnerability is rated CVSS v3.1 bas...
CVE-2025-67041
An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The host parameter of the TFTP client in the Filesystem Browser page is not properly sanitized. This can be exploited to escape from the original command and execute an arbitrary one with root privileges...