High severity8.0NVD Advisory· Published Jul 22, 2025· Updated Apr 15, 2026

CVE-2025-7766

Description

Lantronix Provisioning Manager is vulnerable to XML external entity attacks in configuration files supplied by network devices, leading to unauthenticated remote code execution on hosts with Provisioning Manager installed.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

ltrxdev.atlassian.net/wiki/spaces/LTRXTS/pages/105906637/Latest+Version+of+Lantronix+Provisioning+Manager+LPMnvd
www.cisa.gov/news-events/ics-advisories/icsa-25-203-02nvd

News mentions

No linked articles in our index yet.

cvss	0.520
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000