8.6
CVE-2024-9138
- EPSS 0.12%
- Veröffentlicht 03.01.2025 09:15:06
- Zuletzt bearbeitet 03.01.2025 09:15:06
- Quelle psirt@moxa.com
- CVE-Watchlists
- Unerledigt
Moxa’s cellular routers, secure routers, and network security appliances are affected by a high-severity vulnerability, CVE-2024-9138. This vulnerability involves hard-coded credentials, enabling an authenticated user to escalate privileges and gain root-level access to the system, posing a significant security risk.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerMoxa
≫
Produkt
EDR-810 Series
Default Statusunaffected
Version <=
5.12.37
Version
1.0
Status
affected
HerstellerMoxa
≫
Produkt
EDR-8010 Series
Default Statusunaffected
Version <=
3.13.1
Version
1.0
Status
affected
HerstellerMoxa
≫
Produkt
EDR-G902 Series
Default Statusunaffected
Version <=
5.7.25
Version
1.0
Status
affected
HerstellerMoxa
≫
Produkt
EDR-G903 Series
Default Statusunaffected
Version <=
5.7.25
Version
1.0
Status
affected
HerstellerMoxa
≫
Produkt
EDR-G9004 Series
Default Statusunaffected
Version <=
3.13.1
Version
1.0
Status
affected
HerstellerMoxa
≫
Produkt
EDR-G9010 Series
Default Statusunaffected
Version <=
3.13.1
Version
1.0
Status
affected
HerstellerMoxa
≫
Produkt
EDF-G1002-BP Series
Default Statusunaffected
Version <=
3.13.1
Version
1.0
Status
affected
HerstellerMoxa
≫
Produkt
NAT-102 Series
Default Statusunaffected
Version <=
1.0.5
Version
1.0
Status
affected
HerstellerMoxa
≫
Produkt
OnCell G4302-LTE4 Series
Default Statusunaffected
Version <=
3.13
Version
1.0
Status
affected
HerstellerMoxa
≫
Produkt
TN-4900 Series
Default Statusunaffected
Version <=
3.13
Version
1.0
Status
affected
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.12% | 0.317 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@moxa.com | 8.6 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| psirt@moxa.com | 7.2 | 1.2 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
CWE-656 Reliance on Security Through Obscurity
The product uses a protection mechanism whose strength depends heavily on its obscurity, such that knowledge of its algorithms or key data is sufficient to defeat the mechanism.