Sign-up

ID

VAR-202311-0287


CVE

CVE-2023-4452


DESCRIPTION

A vulnerability has been identified in the EDR-810, EDR-G902, and EDR-G903 Series, making them vulnerable to the denial-of-service vulnerability. This vulnerability stems from insufficient input validation in the URI, potentially enabling malicious users to trigger the device reboot

Trust: 0.99

sources: NVD: CVE-2023-4452 // VULMON: CVE-2023-4452

AFFECTED PRODUCTS

vendor:moxamodel:edr-810-2gsfp-tscope:ltversion:5.12.29

Trust: 1.0

vendor:moxamodel:edr-810-vpn-2gsfp-tscope:ltversion:5.12.29

Trust: 1.0

vendor:moxamodel:edr-810-vpn-2gsfpscope:ltversion:5.12.29

Trust: 1.0

vendor:moxamodel:edr-g902scope:ltversion:5.7.21

Trust: 1.0

vendor:moxamodel:edr-g902-tscope:ltversion:5.7.21

Trust: 1.0

vendor:moxamodel:edr-g903scope:ltversion:5.7.21

Trust: 1.0

vendor:moxamodel:edr-810-2gsfpscope:ltversion:5.12.29

Trust: 1.0

vendor:moxamodel:edr-g903-tscope:ltversion:5.7.21

Trust: 1.0

sources: NVD: CVE-2023-4452

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2023-4452
value: HIGH

Trust: 1.0

psirt@moxa.com: CVE-2023-4452
value: MEDIUM

Trust: 1.0

nvd@nist.gov: CVE-2023-4452
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

psirt@moxa.com: CVE-2023-4452
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 2.5
version: 3.1

Trust: 1.0

sources: NVD: CVE-2023-4452 // NVD: CVE-2023-4452

PROBLEMTYPE DATA

problemtype:CWE-120

Trust: 1.0

sources: NVD: CVE-2023-4452

EXTERNAL IDS

db:NVDid:CVE-2023-4452

Trust: 1.1

db:VULMONid:CVE-2023-4452

Trust: 0.1

sources: VULMON: CVE-2023-4452 // NVD: CVE-2023-4452

REFERENCES

url:https://www.moxa.com/en/support/product-support/security-advisory/mpsa-234880-edr-810-g902-g903-series-web-server-buffer-overflow-vulnerability

Trust: 1.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULMON: CVE-2023-4452 // NVD: CVE-2023-4452

SOURCES

db:VULMONid:CVE-2023-4452
db:NVDid:CVE-2023-4452

LAST UPDATE DATE

2024-08-14T15:36:41.987000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2023-4452date:2023-11-01T00:00:00
db:NVDid:CVE-2023-4452date:2023-11-09T16:46:36.617

SOURCES RELEASE DATE

db:VULMONid:CVE-2023-4452date:2023-11-01T00:00:00
db:NVDid:CVE-2023-4452date:2023-11-01T15:15:08.803