Vulnerability CVE-2019-10963


Published: 2019-10-08

Description:
Moxa EDR 810, all versions 5.1 and prior, allows an unauthenticated attacker to be able to retrieve some log files from the device, which may allow sensitive information disclosure. Log files must have previously been exported by a legitimate user.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
Moxa EDR-810 Command Injection / Information Disclosure
RandoriSec
24.10.2019

Type:

CWE-78

(Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') )

 References:
https://www.us-cert.gov/ics/advisories/icsa-19-274-03

Copyright 2024, cxsecurity.com

 

Back to Top