CVE-2020-14511
CRITICALMoxa EDR-G902 and EDR-G903 Series Routers < 5.4 - Stack-based Buffer Overflow via Crafted Web Browser Cookie
Title source: llmDescription
Malicious operation of the crafted web browser cookie may cause a stack-based buffer overflow in the system web server on the EDR-G902 and EDR-G903 Series Routers (versions prior to 5.4).
References (1)
Core 1
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://us-cert.cisa.gov/ics/advisories/icsa-20-196-02
Scores
CVSS v3
9.8
EPSS
0.0031
EPSS Percentile
54.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-121
CWE-787
Status
published
Products (4)
moxa/edr-g902-t_firmware
< 5.4
moxa/edr-g902_firmware
< 5.4
moxa/edr-g903-t_firmware
< 5.4
moxa/edr-g903_firmware
< 5.4
Published
Jul 15, 2020
Tracked Since
Feb 18, 2026