Hi! Please sign in Home >  Support > Technical FAQs

Technical FAQs
Question EDR-810 Industrial Secure Router Vulnerabilities
Question Type Security Advisory
Updated 10/5/2018 3:52:49 PM
Hits 1
Products EDR-810 Series
Suggestions

Summary

Version: 1.0
Reference: CVE-2018-16282

A product vulnerability has been identified in Moxa’s EDR- 810 Series. In response to this, Moxa has developed a solution to address the vulnerability.

The identified vulnerability types and possible impact are shown below:

Item Vulnerability Type Impact
1 A command injection vulnerability in the web server function The application allows remote attackers to execute arbitrary OS commands with root privilege via the CA name parameter to the /xml/net_WebCADELETEGetValue URI.

Affected Products and Solutions

* Affected Products
EDR- 810 Series with Firmware V4.2 build 18041013 or prior

* Solutions
Moxa has addressed this vulnerability with new firmware release for the EDR- 810 Series. You can download the new firmware here.

Revision History

Version Description Release Date
1.0 First release September 21, 2018

Related Questions
Provide Feedback
Quality of this article
Poor                Excellent