CVE-2019-10963

Moxa EDR 810, all versions 5.1 and prior, allows an unauthenticated attacker to be able to retrieve some log files from the device, which may allow sensitive information disclosure. Log files must have previously been exported by a legitimate user.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:moxa:edr-810_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:edr-810:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:20

Type Values Removed Values Added
References () http://packetstormsecurity.com/files/154943/Moxa-EDR-810-Command-Injection-Information-Disclosure.html - Exploit, Third Party Advisory, VDB Entry () http://packetstormsecurity.com/files/154943/Moxa-EDR-810-Command-Injection-Information-Disclosure.html - Exploit, Third Party Advisory, VDB Entry
References () https://www.us-cert.gov/ics/advisories/icsa-19-274-03 - Third Party Advisory, US Government Resource () https://www.us-cert.gov/ics/advisories/icsa-19-274-03 - Third Party Advisory, US Government Resource

Information

Published : 2019-10-08 19:15

Updated : 2024-11-21 04:20


NVD link : CVE-2019-10963

Mitre link : CVE-2019-10963

CVE.ORG link : CVE-2019-10963


JSON object : View

Products Affected

moxa

  • edr-810
  • edr-810_firmware
CWE
CWE-321

Use of Hard-coded Cryptographic Key

NVD-CWE-Other