Moxa EDF-G1002-BP Series vulnerabilities
11 known vulnerabilities affecting moxa/edf-g1002-bp_series.
Total CVEs: 11
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 5, HIGH 5, MEDIUM 1
Vulnerabilities
CVE-2025-6950 | CRITICAL | CVSS 9.9 | CWE-798 | ≥ 1.0, ≤ 3.17 | 2025-10-17
A Use of Hard-coded Credentials vulnerability has been identified in Moxa’s network security appliances and routers. The system employs a hard-coded secret key to sign JSON Web Tokens (JWT) used for authentication. This insecure implementation allows an unauthenticated attacker to forge valid tokens, thereby bypassing authentication controls and im
Sources: cvelistv5, nvd
CVE-2025-6949 | CRITICAL | CVSS 9.3 | CWE-250 | ≥ 1.0, ≤ 3.17 | 2025-10-17
An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network security appliances and routers. A critical authorization flaw in the API allows an authenticated, low-privileged user to create a new administrator account, including accounts with usernames identical to existing users. In certain scenarios, this vulnerabil
Sources: cvelistv5, nvd
CVE-2025-6893 | CRITICAL | CVSS 9.3 | CWE-250 | ≥ 1.0, ≤ 3.17 | 2025-10-17
An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network security appliances and routers. A broken access control flaw has been identified in the /api/v1/setting/data endpoint of the affected device. This flaw allows a low-privileged authenticated user to call the API without the required permissions, thereby g
Sources: cvelistv5, nvd
CVE-2025-6892 | HIGH | CVSS 8.7 | CWE-863 | ≥ 1.0, ≤ 3.17 | 2025-10-17
An Incorrect Authorization vulnerability has been identified in Moxa’s network security appliances and routers. A flaw in the API authentication mechanism allows unauthorized access to protected API endpoints, including those intended for administrative functions. This vulnerability can be exploited after a legitimate user has logged in, as the system f
Sources: cvelistv5, nvd
CVE-2025-6894 | MEDIUM | CVSS 5.3 | CWE-250 | ≥ 1.0, ≤ 3.17 | 2025-10-17
An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network security appliances and routers. A flaw in the API authorization logic of the affected device allows an authenticated, low-privileged user to execute the administrative `ping` function, which is restricted to higher-privileged roles. This vulnerability enables
Sources: cvelistv5, nvd
CVE-2025-0415 | CRITICAL | CVSS 9.2 | CWE-78 | ≥ 1.0, ≤ 3.14 | 2025-04-02
A remote attacker with web administrator privileges can exploit the device’s web interface to execute arbitrary system commands through the NTP settings. Successful exploitation may result in the device entering an infinite reboot loop, leading to a total or partial denial of connectivity for downstream systems that rely on its network services.
Sources: cvelistv5, nvd
CVE-2025-0676 | HIGH | CVSS 8.6 | CWE-78 | ≥ 1.0, ≤ 3.14 | 2025-04-02
This vulnerability involves command injection in tcpdump within Moxa products, enabling an authenticated attacker with console access to exploit improper input validation to inject and execute system commands. Successful exploitation could result in privilege escalation, allowing the attacker to gain root shell access and maintain persistent control ove
Sources: cvelistv5, nvd
CVE-2024-9140 | CRITICAL | CVSS 9.3 | CWE-78 | ≥ 1.0, ≤ 3.13.1 | 2025-01-03
Moxa’s cellular routers, secure routers, and network security appliances are affected by a critical vulnerability, CVE-2024-9140. This vulnerability allows OS command injection due to improperly restricted commands, potentially enabling attackers to execute arbitrary code. This poses a significant risk to the system’s security and functionality.
Sources: cvelistv5, nvd
CVE-2024-9138 | HIGH | CVSS 8.6 | CWE-656 | ≥ 1.0, ≤ 3.13.1 | 2025-01-03
Moxa’s cellular routers, secure routers, and network security appliances are affected by a high-severity vulnerability, CVE-2024-9138. This vulnerability involves hard-coded credentials, enabling an authenticated user to escalate privileges and gain root-level access to the system, posing a significant security risk.
Sources: cvelistv5, nvd
CVE-2024-9137 | HIGH | CVSS 8.8 | CWE-306 | ≥ 1.0, ≤ 3.12.1 | 2024-10-14
The affected product lacks an authentication check when sending commands to the server via the Moxa service. This vulnerability allows an attacker to execute specified commands, potentially leading to unauthorized downloads or uploads of configuration files and system compromise.
Sources: cvelistv5, nvd
CVE-2024-9139 | HIGH | CVSS 8.6 | CWE-78 | ≥ 1.0, ≤ 3.12.1 | 2024-10-14
The affected product permits OS command injection through improperly restricted commands, potentially allowing attackers to execute arbitrary code.
Sources: cvelistv5, nvd