Moxa

Edr-810 Firmware

22 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.6

CVE-2024-9139

  • EPSS 0.27%
  • Veröffentlicht 14.10.2024 09:15:04
  • Zuletzt bearbeitet 15.10.2024 12:57:46

The affected product permits OS command injection through improperly restricted commands, potentially allowing attackers to execute arbitrary code.

7.2

CVE-2019-10969

  • EPSS 4.91%
  • Veröffentlicht 08.10.2019 19:15:09
  • Zuletzt bearbeitet 21.11.2024 04:20:16

Moxa EDR 810, all versions 5.1 and prior, allows an authenticated attacker to abuse the ping feature to execute unauthorized commands on the router, which may allow an attacker to perform remote code execution.

4.3

CVE-2019-10963

Exploit
  • EPSS 3.12%
  • Veröffentlicht 08.10.2019 19:15:09
  • Zuletzt bearbeitet 21.11.2024 04:20:15

Moxa EDR 810, all versions 5.1 and prior, allows an unauthenticated attacker to be able to retrieve some log files from the device, which may allow sensitive information disclosure. Log files must have previously been exported by a legitimate user.

9

CVE-2018-16282

Exploit
  • EPSS 4.23%
  • Veröffentlicht 20.09.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:52:26

A command injection vulnerability in the web server functionality of Moxa EDR-810 V4.2 build 18041013 allows remote attackers to execute arbitrary OS commands with root privilege via the caname parameter to the /xml/net_WebCADELETEGetValue URI.

7.5

CVE-2017-14439

Exploit
  • EPSS 1.04%
  • Veröffentlicht 14.05.2018 20:29:01
  • Zuletzt bearbeitet 21.11.2024 03:12:47

Exploitable denial of service vulnerabilities exists in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted packet can cause a denial of service. An attacker can send a large packet to 4001/tcp to trigger this vul...

9

CVE-2017-14433

Exploit
  • EPSS 2.65%
  • Veröffentlicht 14.05.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:12:47

An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into...

7.5

CVE-2017-14438

Exploit
  • EPSS 1.04%
  • Veröffentlicht 14.05.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:12:47

Exploitable denial of service vulnerabilities exists in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted packet can cause a denial of service. An attacker can send a large packet to 4000/tcp to trigger this vul...

7.5

CVE-2017-14437

Exploit
  • EPSS 2.22%
  • Veröffentlicht 14.05.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:12:47

An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET re...

7.5

CVE-2017-14436

Exploit
  • EPSS 2.22%
  • Veröffentlicht 14.05.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:12:47

An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET re...

7.5

CVE-2017-14435

Exploit
  • EPSS 2.22%
  • Veröffentlicht 14.05.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:12:47

An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET re...