Moxa Edr-810 Series vulnerabilities

CVE-2025-0415 [CRITICAL] CWE-78 CVE-2025-0415: A remote attacker with web administrator privileges can exploit the device’s web interface to execut A remote attacker with web administrator privileges can exploit the device’s web interface to execute arbitrary system commands through the NTP settings. Successful exploitation may result in the device entering an infinite reboot loop, leading to a total or partial denial of connectivity for downstream systems that rely on its network services.

CVE-2025-0676 [HIGH] CWE-78 CVE-2025-0676: This vulnerability involves command injection in tcpdump within Moxa products, enabling an authentic This vulnerability involves command injection in tcpdump within Moxa products, enabling an authenticated attacker with console access to exploit improper input validation to inject and execute systems commands. Successful exploitation could result in privilege escalation, allowing the attacker to gain root shell access and maintain persistent control ove

CVE-2024-9138 [HIGH] CWE-656 CVE-2024-9138: Moxa’s cellular routers, secure routers, and network security appliances are affected by a high-seve Moxa’s cellular routers, secure routers, and network security appliances are affected by a high-severity vulnerability, CVE-2024-9138. This vulnerability involves hard-coded credentials, enabling an authenticated user to escalate privileges and gain root-level access to the system, posing a significant security risk.

CVE-2024-9139 [HIGH] CWE-78 CVE-2024-9139: The affected product permits OS command injection through improperly restricted commands, potentiall The affected product permits OS command injection through improperly restricted commands, potentially allowing attackers to execute arbitrary code.

CVE-2023-4452 [MEDIUM] CWE-120 CVE-2023-4452: A vulnerability has been identified in the EDR-810, EDR-G902, and EDR-G903 Series, making them vuln A vulnerability has been identified in the EDR-810, EDR-G902, and EDR-G903 Series, making them vulnerable to the denial-of-service vulnerability. This vulnerability stems from insufficient input validation in the URI, potentially enabling malicious users to trigger the device reboot.

CVE-2023-33238 [HIGH] CWE-78 CVE-2023-33238: TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prio TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command injection vulnerability. This vulnerability stems from inadequate input validation in the certificate management function, which could potentially allow malicious users to execute remote code on affected devices.

CVE-2023-33239 [HIGH] CWE-78 CVE-2023-33239: TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prio TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command injection vulnerability. This vulnerability stems from insufficient input validation in the key-generation function, which could potentially allow malicious users to execute remote code on affected devices.

CVE-2023-34214 [HIGH] CWE-78 CVE-2023-34214: TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prio TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient input validation in the certificate-generation function, which could potentially allow malicious users to execute remote code on affected devices.