Vulnerabilities > CVE-2019-10963 - Unspecified vulnerability in Moxa Edr-810 Firmware

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

moxa

exploit available

NVD

Published: 2019-10-08

Updated: 2021-10-28

Summary

Moxa EDR 810, all versions 5.1 and prior, allows an unauthenticated attacker to be able to retrieve some log files from the device, which may allow sensitive information disclosure. Log files must have previously been exported by a legitimate user.

Vulnerable Configurations

Part	Description	Count
OS	Moxa Moxa EDR 810 Firmware 3.12 Moxa EDR 810 Firmware 4.1 Moxa EDR 810 Firmware 4.2 Moxa EDR 810 Firmware 5.1	4
Hardware	Moxa Moxa EDR 810 -	1

Exploit-Db

id	EDB-ID:47536
last seen	2019-10-22
modified	2019-10-22
published	2019-10-22
reporter	Exploit-DB
source	https://www.exploit-db.com/download/47536
title	Moxa EDR-810 - Command Injection / Information Disclosure

Packetstorm

data source	https://packetstormsecurity.com/files/download/154943/moxaedr810-injectdisclose.txt
id	PACKETSTORM:154943
last seen	2019-10-24
published	2019-10-23
reporter	RandoriSec
source	https://packetstormsecurity.com/files/154943/Moxa-EDR-810-Command-Injection-Information-Disclosure.html
title	Moxa EDR-810 Command Injection / Information Disclosure

Summary

Vulnerable Configurations

Exploit-Db

Packetstorm

References