CVE-2025-67035

Name of the Vulnerable Software and Affected Versions Lantronix EDS5000 version 2.1.0.0R3

Description The SSH Client and SSH Server pages are susceptible to multiple OS injection flaws because of inadequate input sanitization. An attacker can inject arbitrary commands during delete operations on various objects, including server keys, users, and known hosts. These commands are executed with root privileges. The vulnerable parameters are not explicitly identified.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.