9.4
CVE-2024-9137
- EPSS 0.15%
- Veröffentlicht 14.10.2024 09:15:04
- Zuletzt bearbeitet 17.01.2025 08:15:24
- Quelle psirt@moxa.com
- CVE-Watchlists
- Unerledigt
The affected product lacks an authentication check when sending commands to the server via the Moxa service. This vulnerability allows an attacker to execute specified commands, potentially leading to unauthorized downloads or uploads of configuration files and system compromise.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
Herstellermoxa
≫
Produkt
edr-g9010
Default Statusunknown
Version <=
3.12.1
Version
1.0
Status
affected
Herstellermoxa
≫
Produkt
nat-102
Default Statusunknown
Version <=
1.0.5
Version
1.0
Status
affected
Herstellermoxa
≫
Produkt
tn-4900
Default Statusunknown
Version <=
3.6
Version
1.0
Status
affected
Herstellermoxa
≫
Produkt
oncell_g4302-lte4
Default Statusunknown
Version <=
3.9
Version
1.0
Status
affected
Herstellermoxa
≫
Produkt
edf-g1002-bp
Default Statusunknown
Version <=
3.12.1
Version
1.0
Status
affected
Herstellermoxa
≫
Produkt
edr-g9004
Default Statusunknown
Version <=
3.12.1
Version
1.0
Status
affected
Herstellermoxa
≫
Produkt
edr-8010
Default Statusunknown
Version <=
3.12.1
Version
1.0
Status
affected
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.15% | 0.356 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@moxa.com | 8.8 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| psirt@moxa.com | 9.4 | 3.9 | 5.5 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
|
CWE-306 Missing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.