Multiple product vulnerabilities were identified in Moxa’s EDS-405A Series Ethernet Switches. In response to this, Moxa has developed related solutions to address these vulnerabilities.
The identified vulnerability types and potential impacts are shown below:
Item |
Vulnerability Type |
Impact |
1 |
Denial of Service (web service) by improper HTTP GET command |
To exploit this vulnerability, the attacker may cause the targeted device to go out of service. This can cause authorized users to be unable to access the device. The vulnerability occurs because the packet payload size was not checked. |
2 |
Denial of Service (web service) by excessive length of HTTP GET command |
To exploit this vulnerability, the attacker may cause the targeted device to go out of service. This can cause authorized users to be unable to access the device. The vulnerability occurs because the packet payload size was not checked. |