Skip to main content
Radar
DashboardThreatsMapFeedsAPI
reconnecting

CVE-2025-7766: CWE-611 Improper Restriction of XML External Entity Reference in Lantronix Provisioning Manager

High
VulnerabilityCVE-2025-7766cvecve-2025-7766cwe-611
Published: Tue Jul 22 2025 (07/22/2025, 21:44:10 UTC)
Source: CVE Database V5
Vendor/Project: Lantronix
Product: Provisioning Manager

Description

Lantronix Provisioning Manager is vulnerable to XML external entity attacks in configuration files supplied by network devices, leading to unauthenticated remote code execution on hosts with Provisioning Manager installed.

Technical Details

Data Version
5.1
Assigner Short Name
icscert
Date Reserved
2025-07-17T14:41:27.079Z
Cvss Version
4.0
State
PUBLISHED

Threat ID: 688007daa915ff00f7fbc690

Added to database: 7/22/2025, 9:51:22 PM

Last updated: 7/22/2025, 9:51:22 PM

Views: 1

Related Threats

CVE-2025-54137: CWE-1392: Use of Default Credentials in haxtheweb issues

High
VulnerabilityTue Jul 22 2025

CVE-2025-53703: CWE-319 Cleartext Transmission of Sensitive Information in DuraComm Corporation SPM-500 DP-10iN-100-MU

High
VulnerabilityTue Jul 22 2025

CVE-2025-53538: CWE-770: Allocation of Resources Without Limits or Throttling in OISF suricata

High
VulnerabilityTue Jul 22 2025

CVE-2025-48733: CWE-306 Missing Authentication for Critical Function in DuraComm Corporation SPM-500 DP-10iN-100-MU

High
VulnerabilityTue Jul 22 2025

CVE-2025-41425: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in DuraComm Corporation SPM-500 DP-10iN-100-MU

High
VulnerabilityTue Jul 22 2025

Actions

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats