CVE-2025-7766

Severity CVSS v4.0:
HIGH
Type:
CWE-611 Improper Restriction of XML External Entity Reference ('XXE')
Publication date:
22/07/2025
Last modified:
25/07/2025

Description

Lantronix Provisioning Manager is vulnerable to XML external entity attacks in configuration files supplied by network devices, leading to unauthenticated remote code execution on hosts with Provisioning Manager installed.