CVE-2019-10969
N/A
N/A
Summary
Moxa EDR 810, all versions 5.1 and prior, allows an authenticated attacker to abuse the ping feature to execute unauthorized commands on the router, which may allow an attacker to perform remote code execution.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Moxa EDR 810 | All versions 5.1 and prior | affected |
Weaknesses
- CWE-20: IMPROPER INPUT VALIDATION CWE-20
ADP Enrichment
CVE Program Container
Additional References
- https://www.us-cert.gov/ics/advisories/icsa-19-274-03
- http://packetstormsecurity.com/files/154943/Moxa-EDR-810-Command-Injection-Information-Disclosure.html
References
- https://www.us-cert.gov/ics/advisories/icsa-19-274-03
- http://packetstormsecurity.com/files/154943/Moxa-EDR-810-Command-Injection-Information-Disclosure.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.