Lantronix Eds3008Ps1Ns Firmware vulnerabilities
3 known vulnerabilities affecting lantronix/eds3008ps1ns_firmware.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3
Vulnerabilities
Page 1 of 1
CVE-2025-67041P2CRITICALCVSS 9.8v3.1.0.0r22026-03-11
CVE-2025-67041 [CRITICAL] CWE-78 CVE-2025-67041: An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The host parameter of the TFTP client in t
An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The host parameter of the TFTP client in the Filesystem Browser page is not properly sanitized. This can be exploited to escape from the original command and execute an arbitrary one with root privileges.
nvd
CVE-2025-67039P3CRITICALCVSS 9.1v3.1.0.0r22026-03-11
CVE-2025-67039 [CRITICAL] CWE-288 CVE-2025-67039: An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The authentication on management pages can
An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The authentication on management pages can be bypassed by appending a specific suffix to the URL and by sending an Authorization header that uses "admin" as the username.
nvd
CVE-2025-70082P3CRITICALCVSS 9.8v3.1.0.0r22026-03-11
CVE-2025-70082 [CRITICAL] CWE-78 CVE-2025-70082: An issue in Lantronix EDS3000PS v.3.1.0.0R2 allows an attacker to execute arbitrary code and obtain
An issue in Lantronix EDS3000PS v.3.1.0.0R2 allows an attacker to execute arbitrary code and obtain sensitive information via the ltrx_evo component
nvd