Two product vulnerabilities were identified in Moxa’s EDR-810 Series secure routers. In response to this, Moxa has developed related solutions to address these vulnerabilities.
The identified vulnerability types and potential impacts are shownbelow:
Item |
Vulnerability Type |
Impact |
1 |
Improper Input Validation
(CWE-20, CVE-2019-10969) |
Improper input on the web console via the Admin or ConfigAdmin account allows unauthorized commands to be performed on the router. |
2 |
Improper Access Control
(CWE-284, CVE-2019-10963) |
The log information may be retrieved by an unauthenticated attacker, which may allow sensitive information to be disclosed. |