CVE-2023-4452

Summary

A vulnerability has been identified in the EDR-810, EDR-G902, and EDR-G903 Series, making them vulnerable to the denial-of-service vulnerability. This vulnerability stems from insufficient input validation in the URI, potentially enabling malicious users to trigger the device reboot.

Affected Software

VendorProductVersion RangeStatus
MoxaEDR-810 Series1.0 <= 5.12.28affected
MoxaEDR G902 Series1.0 <= 5.7.20affected
MoxaEDR G903 Series1.0 <= 5.7.20affected

Weaknesses

  • CWE-120: CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References