Moxa Edr-g903 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Moxa Edr-g903 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2020-28144 — CVSS 9.8 (critical): Certain Moxa Inc products are affected by an improper restriction of operations in EDR-G903 Series Firmware Version 5.5 or lower, EDR-G902…
CVE-2020-14511 — CVSS 9.8 (critical): Malicious operation of the crafted web browser cookie may cause a stack-based buffer overflow in the system web server on the EDR-G902 and…
CVE-2016-0876 — CVSS 7.5 (high): Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to discover cleartext passwords by reading a configuration file.
CVE-2016-0878 — CVSS 7.5 (high): Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to cause a denial of service (cold start) by sending two crafted…
CVE-2016-0879 — CVSS 7.5 (high): Moxa Secure Router EDR-G903 devices before 3.4.12 do not delete copies of configuration and log files after completing the import function…
CVE-2016-0877 — CVSS 7.5 (high): Memory leak on Moxa Secure Router EDR-G903 devices before 3.4.12 allows remote attackers to cause a denial of service (memory consumption)…
CVE-2016-0875 — CVSS 7.5 (high): Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to read configuration and log files via a crafted URL.
CVE-2023-4452 — CVSS 6.5 (medium): A vulnerability has been identified in the EDR-810, EDR-G902, and EDR-G903 Series, making them vulnerable to the denial-of-service…
CVE-2012-4712 — CVSS 5.0 (medium): Moxa EDR-G903 series routers with firmware before 2.11 have a hardcoded account, which allows remote attackers to obtain unspecified device…