VDB
CVE-2024-9138
CVE-2024-9138
PUBLISHED
Es existiert eine Schwachstelle in Moxa Routern aufgrund von vorgegebenen Default-Credentials. Ein entfernter, authentisierter Angreifer kann sich dadurch root-Rechte verschaffen.
EPSS 0.25% · 48.1th percentile
Risk Scores
EPSS Score
0.25%
48.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Moxa | Moxa Router EDR-G9004 Series <3.14 | |
| Moxa | Moxa Router EDR-G9010 Series <3.14 | |
| Moxa | Moxa Router EDF-G1002-BP Series <3.14 | |
| Moxa | Moxa Router EDR-G903 Series <3.14 | |
| Moxa | Moxa Router EDR-810 Series <3.14 | |
| Moxa | Moxa Router NAT-102 Series | |
| Moxa | Moxa Router TN-4900 Series | |
| Moxa | Moxa Router EDR-8010 Series <3.14 | |
| Moxa | Moxa Router OnCell G4302-LTE4 Series | |
| Moxa | Moxa Router EDR-G902 Series <3.14 |
Timeline
- Jan 2, 2025 CVE Published
- Jan 3, 2025 PoC Published
- Jan 3, 2025 PoC Published
- Jan 3, 2025 PoC Published
- Jan 4, 2025 EPSS Score
- Jan 6, 2025 PoC Published
- Jan 6, 2025 PoC Published
- Jan 6, 2025 PoC Published
- Jan 6, 2025 PoC Published
- Jan 6, 2025 PoC Published
- Jan 6, 2025 PoC Published
- Jan 7, 2025 PoC Published
References
- https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0006.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0006 advisory
- https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241155-privilege-escalation-and-os-command-injection-vulnerabilities-in-cellular-routers,-secure-routers,-and-netwo advisory