Page 2 of 9 results (0.018 seconds)

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to cause a denial of service (cold start) by sending two crafted ping requests. Dispositivos Moxa Secure Router EDR-G903 en versiones anteriores a 3.4.12 permite a atacantes remotos provocar una denegación de servicio (arranque en frío) enviando dos peticiones de ping manipuladas. • https://ics-cert.us-cert.gov/advisories/ICSA-16-042-01 •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to read configuration and log files via a crafted URL. Dispositivos Moxa Secure Router EDR-G903 en versiones anteriores a 3.4.12 permite a atacantes remotos leer archivos de registro y de configuración a través de una URL manipulada. • https://ics-cert.us-cert.gov/advisories/ICSA-16-042-01 • CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

Memory leak on Moxa Secure Router EDR-G903 devices before 3.4.12 allows remote attackers to cause a denial of service (memory consumption) by executing the ping function. Fuga de memoria en dispositivos Moxa Secure Router EDR-G903 en versiones anteriores a 3.4.12 permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) ejecutando la función ping. • https://ics-cert.us-cert.gov/advisories/ICSA-16-042-01 • CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

Moxa EDR-G903 series routers with firmware before 2.11 have a hardcoded account, which allows remote attackers to obtain unspecified device access via unknown vectors. Los routers de la serie Moxa EDR-G903 con firmware anterior a v2.11 disponen de una cuenta embebida en el código fuente (hardcoded), lo que permite a atacantes remotos obtener acceso no especificado al dispositivo a través de vectores desconocidos. • http://ics-cert.us-cert.gov/pdf/ICSA-13-042-01.pdf http://www.moxa.com/support/download.aspx?type=support&id=492 • CWE-798: Use of Hard-coded Credentials •