Vulnerabilities (CVE)

Filtered by vendor Moxa Subscribe
Filtered by product Edr-g903 Firmware
Total 9 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-28144 1 Moxa 16 Edr-810-2gsfp, Edr-810-2gsfp-t, Edr-810-2gsfp-t Firmware and 13 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
Certain Moxa Inc products are affected by an improper restriction of operations in EDR-G903 Series Firmware Version 5.5 or lower, EDR-G902 Series Firmware Version 5.5 or lower, and EDR-810 Series Firmware Version 5.6 or lower. Crafted requests sent to the device may allow remote arbitrary code execution.
CVE-2020-14511 1 Moxa 8 Edr-g902, Edr-g902-t, Edr-g902-t Firmware and 5 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
Malicious operation of the crafted web browser cookie may cause a stack-based buffer overflow in the system web server on the EDR-G902 and EDR-G903 Series Routers (versions prior to 5.4).
CVE-2016-0879 1 Moxa 2 Edr-g903, Edr-g903 Firmware 2024-11-21 7.8 HIGH 7.5 HIGH
Moxa Secure Router EDR-G903 devices before 3.4.12 do not delete copies of configuration and log files after completing the import function, which allows remote attackers to obtain sensitive information by requesting these files at an unspecified URL.
CVE-2016-0878 1 Moxa 2 Edr-g903, Edr-g903 Firmware 2024-11-21 7.8 HIGH 7.5 HIGH
Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to cause a denial of service (cold start) by sending two crafted ping requests.
CVE-2016-0877 1 Moxa 2 Edr-g903, Edr-g903 Firmware 2024-11-21 7.8 HIGH 7.5 HIGH
Memory leak on Moxa Secure Router EDR-G903 devices before 3.4.12 allows remote attackers to cause a denial of service (memory consumption) by executing the ping function.
CVE-2016-0876 1 Moxa 2 Edr-g903, Edr-g903 Firmware 2024-11-21 5.0 MEDIUM 7.5 HIGH
Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to discover cleartext passwords by reading a configuration file.
CVE-2016-0875 1 Moxa 2 Edr-g903, Edr-g903 Firmware 2024-11-21 5.0 MEDIUM 7.5 HIGH
Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to read configuration and log files via a crafted URL.
CVE-2012-4712 1 Moxa 2 Edr-g903, Edr-g903 Firmware 2024-11-21 5.0 MEDIUM N/A
Moxa EDR-G903 series routers with firmware before 2.11 have a hardcoded account, which allows remote attackers to obtain unspecified device access via unknown vectors.
CVE-2023-4452 1 Moxa 16 Edr-810-2gsfp, Edr-810-2gsfp-t, Edr-810-2gsfp-t Firmware and 13 more 2024-02-28 N/A 7.5 HIGH
A vulnerability has been identified in the EDR-810, EDR-G902, and EDR-G903 Series, making them vulnerable to the denial-of-service vulnerability. This vulnerability stems from insufficient input validation in the URI, potentially enabling malicious users to trigger the device reboot.