Vulnerabilities (CVE)

Vendor filter

Moxa Subscribe

Product filter

Edr-810 Firmware Subscribe

Filter

20 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-10969 1 Moxa 1 Edr-810 Firmware 2019-10-16 6.5
Moxa EDR 810, all versions 5.1 and prior, allows an authenticated attacker to abuse the ping feature to execute unauthorized commands on the router, which may allow an attacker to perform remote code execution.
CVE-2017-12123 1 Moxa 1 Edr-810 Firmware 2019-10-03 3.3
An exploitable clear text transmission of password vulnerability exists in the web server and telnet functionality of Moxa EDR-810 V4.1 build 17030317. An attacker can look at network traffic to get the admin password for the device. The attacker...
CVE-2017-12127 1 Moxa 1 Edr-810 Firmware 2019-10-03 2.1
A password storage vulnerability exists in the operating system functionality of Moxa EDR-810 V4.1 build 17030317. An attacker with shell access could extract passwords in clear text from the device.
CVE-2018-16282 1 Moxa 1 Edr-810 Firmware 2018-11-05 9.0
A command injection vulnerability in the web server functionality of Moxa EDR-810 V4.2 build 18041013 allows remote attackers to execute arbitrary OS commands with root privilege via the caname parameter to the /xml/net_WebCADELETEGetValue URI.
CVE-2017-12126 1 Moxa 1 Edr-810 Firmware 2018-06-19 6.8
An exploitable cross-site request forgery vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP packet can cause cross-site request forgery. An attacker can create malicious HTML to...
CVE-2017-14436 1 Moxa 1 Edr-810 Firmware 2018-06-18 5.0
An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a...
CVE-2017-12128 1 Moxa 1 Edr-810 Firmware 2018-06-18 5.0
An exploitable information disclosure vulnerability exists in the Server Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted TCP packet can cause information disclosure. An attacker can send a crafted TCP packet to...
CVE-2017-12129 1 Moxa 1 Edr-810 Firmware 2018-06-18 2.9
An exploitable Weak Cryptography for Passwords vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. An attacker could intercept weakly encrypted passwords and could brute force them.
CVE-2017-14437 1 Moxa 1 Edr-810 Firmware 2018-06-15 5.0
An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a...
CVE-2017-14439 1 Moxa 1 Edr-810 Firmware 2018-06-15 5.0
Exploitable denial of service vulnerabilities exists in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted packet can cause a denial of service. An attacker can send a large packet to 4001/tcp to trigger this...
CVE-2017-14438 1 Moxa 1 Edr-810 Firmware 2018-06-15 5.0
Exploitable denial of service vulnerabilities exists in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted packet can cause a denial of service. An attacker can send a large packet to 4000/tcp to trigger this...
CVE-2017-14435 1 Moxa 1 Edr-810 Firmware 2018-06-15 5.0
An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a...
CVE-2017-14434 1 Moxa 1 Edr-810 Firmware 2018-06-15 9.0
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands...
CVE-2017-14433 1 Moxa 1 Edr-810 Firmware 2018-06-15 9.0
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands...
CVE-2017-14432 1 Moxa 1 Edr-810 Firmware 2018-06-15 9.0
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands...
CVE-2017-12125 1 Moxa 1 Edr-810 Firmware 2018-06-15 9.0
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands...
CVE-2017-12124 1 Moxa 1 Edr-810 Firmware 2018-06-15 5.0
An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in the web server crashing. An attacker can...
CVE-2017-12121 1 Moxa 1 Edr-810 Firmware 2018-06-15 9.0
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands...
CVE-2017-12120 1 Moxa 1 Edr-810 Firmware 2018-06-15 9.0
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation, resulting in a root shell. An attacker can inject OS...
CVE-2016-8346 1 Moxa 1 Edr-810 Firmware 2017-02-23 5.0
An issue was discovered in Moxa EDR-810 Industrial Secure Router. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access configuration and log files (PRIVILEGE ESCALATION).