CVE-2019-10969

Moxa EDR 810, all versions 5.1 and prior, allows an authenticated attacker to abuse the ping feature to execute unauthorized commands on the router, which may allow an attacker to perform remote code execution.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:moxa:edr-810_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:edr-810:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:20

Type Values Removed Values Added
References () http://packetstormsecurity.com/files/154943/Moxa-EDR-810-Command-Injection-Information-Disclosure.html - () http://packetstormsecurity.com/files/154943/Moxa-EDR-810-Command-Injection-Information-Disclosure.html -
References () https://www.us-cert.gov/ics/advisories/icsa-19-274-03 - Third Party Advisory, US Government Resource () https://www.us-cert.gov/ics/advisories/icsa-19-274-03 - Third Party Advisory, US Government Resource

Information

Published : 2019-10-08 19:15

Updated : 2024-11-21 04:20


NVD link : CVE-2019-10969

Mitre link : CVE-2019-10969

CVE.ORG link : CVE-2019-10969


JSON object : View

Products Affected

moxa

  • edr-810
  • edr-810_firmware
CWE
CWE-20

Improper Input Validation