Risk | Low |
Patch available | YES |
Number of vulnerabilities | 17 |
CVE-ID | CVE-2017-12120 CVE-2017-14432 CVE-2017-14433 CVE-2017-14434 CVE-2017-12129 CVE-2017-12121 CVE-2017-14438 CVE-2017-14439 CVE-2017-14435 CVE-2017-14436 CVE-2017-14437 CVE-2017-12123 CVE-2017-12124 CVE-2017-12125 CVE-2017-12128 CVE-2017-12126 CVE-2017-12127 |
CWE-ID | CWE-78 CWE-261 CWE-20 CWE-476 CWE-319 CWE-200 CWE-352 CWE-256 |
Exploitation vector | Network |
Public exploit | Public exploit code is available for vulnerabilities #1 through #17. |
Vulnerable software | Moxa EDR-810 (Server applications / SCADA systems) |
Vendor | Moxa |
Security Bulletin
This security bulletin contains information about 17 vulnerabilities.
EUVDB-ID: #VU11860
Risk: Low
CVSSv3.1: 8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-12120
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
Description
The vulnerability allows a remote attacker to inject and execute arbitrary commands with elevated privileges on the target system.
The weakness exists in the web server functionality due to OS command injection. A remote attacker can submit a specially crafted HTTP POST that injects commands into the ip= parameter of the "/goform/net_WebPingGetValue" URI and execute arbitrary commands with root privileges.
Update to version 4.2.
Vulnerable software versions
Moxa EDR-810: 4.1
External links
http://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0472
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU11861
Risk: Low
CVSSv3.1: 8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-14432
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
Description
The vulnerability allows a remote attacker to inject and execute arbitrary commands with elevated privileges on the target system.
The weakness exists in the web server functionality due to OS command injection. A remote attacker can submit a specially crafted HTTP POST to the "/goform/net_Web_get_value" URI and execute arbitrary commands with root privileges.
Update to version 4.2.
Vulnerable software versions
Moxa EDR-810: 4.1
External links
http://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0482
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU11862
Risk: Low
CVSSv3.1: 8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-14433
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
Description
The vulnerability allows a remote attacker to inject and execute arbitrary commands with elevated privileges on the target system.
The weakness exists in the web server functionality due to OS command injection. A remote attacker can submit a specially crafted HTTP POST to the "/goform/net_Web_get_value" URI and execute arbitrary commands with root privileges.
Update to version 4.2.
Vulnerable software versions
Moxa EDR-810: 4.1
External links
http://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0482
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU11863
Risk: Low
CVSSv3.1: 8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-14434
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
Description
The vulnerability allows a remote attacker to inject and execute arbitrary commands with elevated privileges on the target system.
The weakness exists in the web server functionality due to OS command injection. A remote attacker can submit a specially crafted HTTP POST to the "/goform/net_Web_get_value" URI and execute arbitrary commands with root privileges.
Update to version 4.2.
Vulnerable software versions
Moxa EDR-810: 4.1
External links
http://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0482
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU11864
Risk: Low
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-12129
CWE-ID:
CWE-261 - Weak Cryptography for Passwords
Exploit availability: No
Description
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists in the web server functionality due to weak cryptography for passwords. A remote attacker can intercept weakly encrypted passwords and brute-force them.
Update to version 4.2.
Vulnerable software versions
Moxa EDR-810: 4.1
External links
http://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0481
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU11865
Risk: Low
CVSSv3.1: 8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-12121
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
Description
The vulnerability allows a remote attacker to inject and execute arbitrary commands with elevated privileges on the target system.
The weakness exists in the web server functionality due to OS command injection. A remote attacker can submit a specially crafted HTTP POST that injects commands into the rsakey_name= parameter of the "/goform/WebRSAKEYGen" URI and execute arbitrary commands with root privileges.
Update to version 4.2.
Vulnerable software versions
Moxa EDR-810: 4.1
External links
http://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0473
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU11866
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-14438
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
Description
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The weakness exists in the Service Agent functionality due to improper input validation. A remote attacker can submit a specially crafted packet to 4000/tcp and 4001/tcp and cause the service to crash.
Update to version 4.2.
Vulnerable software versions
Moxa EDR-810: 4.1
External links
http://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0487
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU11867
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-14439
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
Description
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The weakness exists in the Service Agent functionality due to improper input validation. A remote attacker can submit a specially crafted packet to 4000/tcp and 4001/tcp and cause the service to crash.
Update to version 4.2.
Vulnerable software versions
Moxa EDR-810: 4.1
External links
http://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0487
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU11868
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-14435
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
Description
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The weakness exists in the web server functionality due to a NULL pointer dereference. A remote attacker can submit a specially crafted GET request to "/MOXA_LOG.ini", "/MOXA_CFG.ini", or "/MOXA_CFG2.ini" without a Cookie header and cause the service to crash.
Update to version 4.2.
Vulnerable software versions
Moxa EDR-810: 4.1
External links
http://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0474
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU11869
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-14436
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
Description
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The weakness exists in the web server functionality due to a NULL pointer dereference. A remote attacker can submit a specially crafted GET request to "/MOXA_LOG.ini", "/MOXA_CFG.ini", or "/MOXA_CFG2.ini" without a Cookie header and cause the service to crash.
Update to version 4.2.
Vulnerable software versions
Moxa EDR-810: 4.1
External links
http://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0474
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU11870
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-14437
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
Description
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The weakness exists in the web server functionality due to a NULL pointer dereference. A remote attacker can submit a specially crafted GET request to "/MOXA_LOG.ini", "/MOXA_CFG.ini", or "/MOXA_CFG2.ini" without a Cookie header and cause the service to crash.
Update to version 4.2.
Vulnerable software versions
Moxa EDR-810: 4.1
External links
http://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0474
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU11871
Risk: Low
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-12123
CWE-ID:
CWE-319 - Cleartext Transmission of Sensitive Information
Exploit availability: No
Description
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists in the web server and telnet functionality due to cleartext transmission of the password. A remote attacker can observe network traffic to obtain the admin password for the device, use the credentials to log in as admin and gain access to potentially sensitive information.
Update to version 4.2.
Vulnerable software versions
Moxa EDR-810: 4.1
External links
http://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0475
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU11872
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-12124
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
Description
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The weakness exists in the web server functionality due to a NULL pointer dereference. A remote attacker can submit a specially crafted HTTP URI and cause the service to crash.
Update to version 4.2.
Vulnerable software versions
Moxa EDR-810: 4.1
External links
http://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0476
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU11873
Risk: Low
CVSSv3.1: 8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-12125
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
Description
The vulnerability allows a remote attacker to inject and execute arbitrary commands with elevated privileges on the target system.
The weakness exists in the web server functionality due to OS command injection. A remote attacker can submit a specially crafted HTTP POST that injects commands into the CN= parameter of the "/goform/net_WebCSRGen" URI and execute arbitrary commands with root privileges.
Update to version 4.2.
Vulnerable software versions
Moxa EDR-810: 4.1
External links
http://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0477
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU11874
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-12128
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
Description
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists in the Server Agent functionality due to improper information control. A remote attacker can submit a specially crafted TCP packet and gain access to potentially sensitive information.
Update to version 4.2.
Vulnerable software versions
Moxa EDR-810: 4.1
External links
http://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0480
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU11875
Risk: Low
CVSSv3.1: 8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-12126
CWE-ID:
CWE-352 - Cross-Site Request Forgery (CSRF)
Exploit availability: No
Description
The vulnerability allows a remote attacker to conduct a cross-site request forgery attack and gain elevated privileges on the target system.
The weakness exists in the web server functionality due to insufficient CSRF protections. A remote attacker can submit specially crafted HTML and gain root privileges.
Update to version 4.2.
Vulnerable software versions
Moxa EDR-810: 4.1
External links
http://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0478
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU11876
Risk: Low
CVSSv3.1: 5 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-12127
CWE-ID:
CWE-256 - Unprotected Storage of Credentials
Exploit availability: No
Description
The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.
The weakness exists in the operating system functionality due to plaintext storage of a password. A local attacker can extract passwords in clear text.
Update to version 4.2.
Vulnerable software versions
Moxa EDR-810: 4.1
External links
http://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0479
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
The attacker would have to log in to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.