Vulnerability Details CVE-2024-0387
The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the target. An attacker can bypass access controls or hide the source of malicious requests.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.0%
CVSS Severity
CVSS v3 Score 6.5
References
Products affected by CVE-2024-0387
-
cpe:2.3:h:moxa:eds-4008:-
-
cpe:2.3:h:moxa:eds-4009:-
-
cpe:2.3:h:moxa:eds-4012:-
-
cpe:2.3:h:moxa:eds-4014:-
-
cpe:2.3:h:moxa:eds-g4008:-
-
cpe:2.3:h:moxa:eds-g4012:-
-
cpe:2.3:h:moxa:eds-g4014:-
-
cpe:2.3:o:moxa:eds-4008_firmware:-
-
cpe:2.3:o:moxa:eds-4008_firmware:3.2
-
cpe:2.3:o:moxa:eds-4009_firmware:-
-
cpe:2.3:o:moxa:eds-4009_firmware:3.2
-
cpe:2.3:o:moxa:eds-4012_firmware:-
-
cpe:2.3:o:moxa:eds-4012_firmware:3.2
-
cpe:2.3:o:moxa:eds-4014_firmware:-
-
cpe:2.3:o:moxa:eds-4014_firmware:3.2
-
cpe:2.3:o:moxa:eds-g4008_firmware:-
-
cpe:2.3:o:moxa:eds-g4008_firmware:3.2
-
cpe:2.3:o:moxa:eds-g4012_firmware:-
-
cpe:2.3:o:moxa:eds-g4012_firmware:3.2
-
cpe:2.3:o:moxa:eds-g4014_firmware:-
-
cpe:2.3:o:moxa:eds-g4014_firmware:3.2