CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-4452 – Web Server Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2023-4452
01 Nov 2023 — A vulnerability has been identified in the EDR-810, EDR-G902, and EDR-G903 Series, making them vulnerable to the denial-of-service vulnerability. This vulnerability stems from insufficient input validation in the URI, potentially enabling malicious users to trigger the device reboot. Se ha identificado una vulnerabilidad en Series EDR-810, EDR-G902 y EDR-G903, lo que las hace vulnerables a la vulnerabilidad de denegación de servicio. Esta vulnerabilidad se debe a una validación de entrada insuficiente en el... • https://www.moxa.com/en/support/product-support/security-advisory/mpsa-234880-edr-810-g902-g903-series-web-server-buffer-overflow-vulnerability • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 16EXPL: 0CVE-2020-28144
https://notcve.org/view.php?id=CVE-2020-28144
03 Feb 2021 — Certain Moxa Inc products are affected by an improper restriction of operations in EDR-G903 Series Firmware Version 5.5 or lower, EDR-G902 Series Firmware Version 5.5 or lower, and EDR-810 Series Firmware Version 5.6 or lower. Crafted requests sent to the device may allow remote arbitrary code execution. Determinados productos de Moxa Inc están afectados por una restricción inapropiada de operaciones en EDR-G903 Series Versión de Firmware 5.5 o inferiores, EDR-G902 Series Versión de Firmware 5.5 o inferiore... • https://www.moxa.com/en/support/support/security-advisory/edr-g903-g902-810-secure-router-vulnerability • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •