Industrial Secure Routers EDR-810 / EDR-G902 / EDR-G903 Access Bypass

2016.10.25
Credit: Nassim Asrir
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

Title: Industrial Secure Routers - Insecure Configuration Management Type: Local/Remote Author: Nassim Asrir Author Company: HenceForth Impact: Insecure Configuration Management Risk: (4/5) Release Date: 22.10.2016 Summary: Moxa's EDR series industrial Gigabit-performance secure routers are designed to protect the control networks of critical facilities while maintaining fast data transmissions. The EDR series security routers provides integrated cyber security solutions that combine industrial firewall, VPN, router, and L2 switching* functions into one product specifically designed for automation networks,which protects the integrity of remote access and critical devices. description: Using this Vulnerability we can change the Admin configuration without knowing Password & Username Because the form for change the configurations is Insecure. Vendor: http://www.moxa.com/product/Industrial_Secure_Routers.htm Affected Version: EDR-810, EDR-G902 and EDR-G903 Tested On: Linux // Dist (Bugtraq 2) Vendor Status: I told them and i wait for the answer. PoC: - when you navigate the server automatically you redirect to the login page (http://site/login.asp). - so Just add in the end of URL (admin.htm) then you get the Form to change the Admin configurations. Credits Vulnerability discovered by Nassim Asrir - <wassline@gmail.com>


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2020, cxsecurity.com

 

Back to Top