CVE-2019-10963

MEDIUM

Moxa Edr-810 Firmware < 5.1 - Information Disclosure

Title source: rule

Description

Moxa EDR 810, all versions 5.1 and prior, allows an unauthenticated attacker to be able to retrieve some log files from the device, which may allow sensitive information disclosure. Log files must have previously been exported by a legitimate user.

Exploits (1)

exploitdb WRITEUP

remotehardware

https://www.exploit-db.com/exploits/47536

View Code ZIP pw:eip

References (2)

[Third Party Advisory, US Government Resource] https://www.us-cert.gov/ics/advisories/icsa-19-274-03

[Exploit, Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/154943/Moxa-EDR-810-Command-Injection-Information-Disclosure.html

Scores

CVSS v3 4.3

EPSS 0.0312

EPSS Percentile 86.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Details

CWE

CWE-321

Status published

Products (1)

moxa/edr-810_firmware < 5.1

Published Oct 08, 2019

Tracked Since Feb 18, 2026