CVE-2019-6520
published 2019-03-05CVE-2019-6520: Moxa IKS and EDS does not properly check authority on server side, which results in a read-only user being able to perform arbitrary configuration changes.
high7.5CVSS 3.1
AVNACLPRNUINSUCNIHAN
Moxa IKS and EDS does not properly check authority on server side, which results in a read-only user being able to perform arbitrary configuration changes.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| moxa | eds-405a_firmware | <= 3.8 | — |
| moxa | eds-408a_firmware | <= 3.8 | — |
| moxa | eds-510a_firmware | <= 3.8 | — |
| moxa | iks-g6824a_firmware | <= 4.5 | — |