CVE-2017-14436

Summary

An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET request to "/MOXA_CFG2.ini" without a cookie header to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
TalosMoxaMoxa EDR-810 V4.1 build 17030317affected

Weaknesses

  • denial of service

ADP Enrichment

CVE Program Container

Additional References

References