VDB
CVE-2024-9140
CVE-2024-9140
PUBLISHED
Es existiert eine Schwachstelle in Moxa Routern. Grund ist eine unzureichende Prüfung von Benutzereingaben. Ein entfernter, anonymer Angreifer kann dadurch beliebige Kommandos zur Ausführung bringen.
EPSS 0.72% · 72.9th percentile
Risk Scores
EPSS Score
0.72%
72.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Moxa | Moxa Router EDR-G9004 Series <3.14 | |
| Moxa | Moxa Router EDF-G1002-BP Series <3.14 | |
| Moxa | Moxa Router EDR-G9010 Series <3.14 | |
| Moxa | Moxa Router EDR-G902 Series <3.14 | |
| Moxa | Moxa Router TN-4900 Series | |
| Moxa | Moxa Router EDR-810 Series <3.14 | |
| Moxa | Moxa Router EDR-G903 Series <3.14 | |
| Moxa | Moxa Router NAT-102 Series | |
| Moxa | Moxa Router EDR-8010 Series <3.14 | |
| Moxa | Moxa Router OnCell G4302-LTE4 Series |
Timeline
- Jan 2, 2025 CVE Published
- Jan 3, 2025 PoC Published
- Jan 3, 2025 PoC Published
- Jan 3, 2025 PoC Published
- Jan 3, 2025 PoC Published
- Jan 4, 2025 EPSS Score
- Jan 6, 2025 PoC Published
- Jan 6, 2025 PoC Published
- Jan 6, 2025 PoC Published
- Jan 6, 2025 PoC Published
- Jan 6, 2025 PoC Published
- Jan 6, 2025 PoC Published
References
- https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0006.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0006 advisory
- https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241155-privilege-escalation-and-os-command-injection-vulnerabilities-in-cellular-routers,-secure-routers,-and-netwo advisory