๐ฅ This vulnerability is being actively exploited in the wild (CISA Known Exploited Vulnerabilities catalog)
CVE-2025-67038: Lantronix EDS5000 Code Injection Vulnerability
Summary
Lantronix EDS5000 devices contain a code injection vulnerability (a flaw that lets attackers insert malicious commands into the system) in the username parameter that allows attackers to execute arbitrary OS commands (any commands they want) with root privileges (the highest level of system access). This vulnerability is currently being actively exploited by real attackers.
Solution / Mitigation
Apply mitigations in accordance with vendor instructions. Follow CISA's BOD 26-04 (Prioritizing Security Updates Based on Risk) guidance, which includes patching timelines and evaluating internet exposure. If mitigations are unavailable, discontinue use of the product. See vendor firmware updates at https://ltrxdev.atlassian.net/wiki/spaces/LTRXTS/pages/2538438657/Latest+Firmware+for+the+EDS5000+series+EDS5008+EDS5016+EDS5032 and CISA BOD 26-04 guidance at https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk.
Vulnerability Details
EPSS: 0.5%
Yes
๐ฅ Actively Exploited
June 22, 2026
Classification
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-67038
First tracked: June 23, 2026 at 02:00 PM
Classified by LLM (prompt v3) ยท confidence: 95%