CVE-2025-67041
Received Received - Intake
Command Injection in Lantronix EDS3000PS TFTP Client Allows Root Access

Publication date: 2026-03-11

Last updated on: 2026-03-19

Assigner: MITRE

Description
An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The host parameter of the TFTP client in the Filesystem Browser page is not properly sanitized. This can be exploited to escape from the original command and execute an arbitrary one with root privileges.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-11
Last Modified
2026-03-19
Generated
2026-06-16
AI Q&A
2026-03-11
EPSS Evaluated
2026-06-15
NVD
CVE-2025-67041
EUVD
EUVD-2025-208591
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
lantronix eds3016ps1ns_firmware 3.1.0.0
lantronix eds3008ps1ns_firmware 3.1.0.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-288 The product requires authentication, but the product has an alternate path or channel that does not require authentication.
CWE-620 When setting a new password for a user, the product does not require knowledge of the original password, or using another form of authentication.
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in Lantronix EDS3000PS version 3.1.0.0R2. It involves improper sanitization of the host parameter in the TFTP client on the Filesystem Browser page. Because the input is not properly sanitized, an attacker can exploit this flaw to escape the intended command context and execute arbitrary commands with root privileges on the device.

Impact Analysis

Exploitation of this vulnerability allows an attacker to execute arbitrary commands with root privileges on the affected device. This can lead to full system compromise, unauthorized access to sensitive data, disruption of device functionality, and potentially using the device as a foothold for further attacks within a network.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-67041. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart