CVE-2025-7766

High CVSS 8.0

Overview

Lantronix Provisioning Manager is vulnerable to XML external entity attacks in configuration files supplied by network devices, leading to unauthenticated remote code execution on hosts with Provisioning Manager installed.

CWE: CWE-611 Published: 2025-07-22T22:15:38.683

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 8.0 (HIGH)
Detected tags: rce, xxe (tag impact: VERY HIGH)

Recommended actions:

Patch/upgrade immediately (remote code execution).
Reduce exposure (WAF/segmentation), minimize attack surface.
Disable external entities in XML parsers; use safe libraries.

Overview

Recommended tools

Tags