Moxa EDR 810, all versions 5.1 and prior, allows an unauthenticated attacker to be able to retrieve some log files from the device, which may allow sensitive information disclosure. Log files must have previously been exported by a legitimate user.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/154943/Moxa-EDR-810-Command-Injection-Information-Disclosure.html | Exploit Third Party Advisory VDB Entry |
https://www.us-cert.gov/ics/advisories/icsa-19-274-03 | Third Party Advisory US Government Resource |
http://packetstormsecurity.com/files/154943/Moxa-EDR-810-Command-Injection-Information-Disclosure.html | Exploit Third Party Advisory VDB Entry |
https://www.us-cert.gov/ics/advisories/icsa-19-274-03 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 04:20
Type | Values Removed | Values Added |
---|---|---|
References | () http://packetstormsecurity.com/files/154943/Moxa-EDR-810-Command-Injection-Information-Disclosure.html - Exploit, Third Party Advisory, VDB Entry | |
References | () https://www.us-cert.gov/ics/advisories/icsa-19-274-03 - Third Party Advisory, US Government Resource |
Information
Published : 2019-10-08 19:15
Updated : 2024-11-21 04:20
NVD link : CVE-2019-10963
Mitre link : CVE-2019-10963
CVE.ORG link : CVE-2019-10963
JSON object : View
Products Affected
moxa
- edr-810
- edr-810_firmware
CWE