Device Installer
Approved changes feed: RSS · Atom
cpe:2.3:a:lantronix:device_installer:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Lantronix (202287bc-8c55-5db8-b040-60b41e51fe84) |
|---|---|
| Product | Device Installer (6a1693cd-5245-516d-99a7-0959099894fb) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-4338 |
vulnerable | 2026-06-03 15:01:47.467998 |
Lantronix Device Installer Improper Restriction of XML External Entity Reference
MEDIUM (6.8)
Lantronix Device installer is vulnerable to XML external entity (XXE) attacks in configuration files read from the network device. An attacker could obtain credentials, access these network devices, and modify their configurations. An attacker may also gain access to the host running the Device Installer software or the password hash of the user running the application.
Published: 2025-05-22T23:00:02.999Z
Updated: 2025-05-23T13:34:42.688Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.