Moxa Secure Router EDR-G903 devices before 3.4.12 do not delete copies of configuration and log files after completing the import function, which allows remote attackers to obtain sensitive information by requesting these files at an unspecified URL.
References
Link | Resource |
---|---|
https://ics-cert.us-cert.gov/advisories/ICSA-16-042-01 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2016-05-31 01:59
Updated : 2024-02-28 15:21
NVD link : CVE-2016-0879
Mitre link : CVE-2016-0879
CVE.ORG link : CVE-2016-0879
JSON object : View
Products Affected
moxa
- edr-g903_firmware
- edr-g903
CWE
CWE-532
Insertion of Sensitive Information into Log File