CNNVD-202507-2945 Information

CNNVD ID

CNNVD-202507-2945

Related CVE

CVE-2025-7766

• CNNVD Published: 2025-07-22

Description (Chinese)

Lantronix Provisioning Manager是美国Lantronix公司的一款用于网关配置和固件更新的软件。 Lantronix Provisioning Manager存在代码问题漏洞，该漏洞源于网络设备提供的配置文件存在XML外部实体攻击，可能导致未认证远程代码执行。

Description (English)

Lantronix Provising Manager is a United States company, Lantronix, with software for gateway configuration and solidware upgrades. There is a code gap in Lantronix Provisioning Manager, which stems from an attack by an outside XML entity on the configuration provided by the network equipment, which may lead to uncertified remote code execution.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

Lantronix

Published

2025-07-22

Last Modified

2026-02-24

References

https://ltrxdev.atlassian.net/wiki/spaces/LTRXTS/pages/105906637/Latest+Version+of+Lantronix+Provisioning+Manager+LPM https://www.cisa.gov/news-events/ics-advisories/icsa-25-203-02 https://www.exploit-db.com/exploits/52417 https://nvd.nist.gov/vuln/detail/CVE-2025-7766