CVE-2023-4452

Web Server Buffer Overflow Vulnerability

CVSS 6.5 MEDIUMEPSS 0.4%CWE-120

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 6.5EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado

Lifecycle

01 Nov 2023Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

A vulnerability has been identified in the EDR-810, EDR-G902, and EDR-G903 Series, making them vulnerable to the denial-of-service vulnerability. This vulnerability stems from insufficient input validation in the URI, potentially enabling malicious users to trigger the device reboot.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Affected products

Moxa · EDR-810 Series Moxa · EDR G902 Series Moxa · EDR G903 Series

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.moxa.com/en/support/product-support/security-advisory/mpsa-234880-edr-810-g902-g903-series-web-server-buffer-overflow-vulnerability