Moxa: >> Edr-810 Firmware >> 4.2 Security Vulnerabilities
Moxa EDR 810, all versions 5.1 and prior, allows an unauthenticated attacker to be able to retrieve some log files from the device, which may allow sensitive information disclosure. Log files must have previously been exported by a legitimate user.
CVSS Score
4.3
EPSS Score
0.031
Published
2019-10-08
Moxa EDR 810, all versions 5.1 and prior, allows an authenticated attacker to abuse the ping feature to execute unauthorized commands on the router, which may allow an attacker to perform remote code execution.
CVSS Score
7.2
EPSS Score
0.039
Published
2019-10-08
A command injection vulnerability in the web server functionality of Moxa EDR-810 V4.2 build 18041013 allows remote attackers to execute arbitrary OS commands with root privilege via the caname parameter to the /xml/net_WebCADELETEGetValue URI.
CVSS Score
8.8
EPSS Score
0.041
Published
2018-09-20