CISA Flags Actively Exploited Lantronix EDS5000 Vulnerability Allowing Root-Level OS Command Injection

CVE-2025-67038 is a critical OS command injection vulnerability in Lantronix EDS5000 serial-to-IP device servers, allowing unauthenticated attackers to execute arbitrary commands with root privileges. CISA has added the flaw to its Known Exploited Vulnerabilities catalog, mandati