CVE-2017-14435
Description
An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET request to "/MOXA\_CFG.ini" without a cookie header to trigger this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A null pointer dereference in Moxa EDR-810 V4.1 build 17030317 allows unauthenticated remote attackers to crash the web server via a GET request to /MOXA_CFG.ini without a cookie header.
Vulnerability
A null pointer dereference vulnerability exists in the web server of Moxa EDR-810 firmware version V4.1 build 17030317. When the server receives a GET request to /MOXA_CFG.ini without a Cookie header, the code path dereferences a null pointer, causing a crash. The affected URI is specifically /MOXA_CFG.ini (CVE-2017-14435), though related URIs /MOXA_CFG2.ini and /MOXA_LOG.ini are covered by separate CVEs [1].
Exploitation
An attacker can exploit this vulnerability by sending a crafted HTTP GET request to the target device's web server at the URI /MOXA_CFG.ini without including a Cookie header. No authentication is required, and the attack can be performed remotely over the network. A simple curl command suffices to trigger the crash [1].
Impact
Successful exploitation causes the web server process to crash, resulting in a denial of service (DoS). The device's web interface becomes unavailable until the service is manually restarted or the device is rebooted. The CVSSv3 score is 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), indicating high availability impact with no confidentiality or integrity loss [1].
Mitigation
Moxa has not released a firmware update for this vulnerability as of the publication date. Users should restrict network access to the web server to trusted hosts only, or disable the web server if not required. The device is often deployed in industrial environments, so network segmentation and firewall rules are recommended workarounds [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Talos/Moxav5Range: Moxa EDR-810 V4.1 build 17030317
Patches
0No patches discovered yet.
Vulnerability mechanics
Root cause
"Missing null-pointer check on the Cookie header value before passing it to strcmp causes a null pointer dereference."
Attack vector
An unauthenticated attacker sends a GET request to the URI `/MOXA_CFG.ini` on the Moxa EDR-810 web server, deliberately omitting the Cookie header. The server code loads the cookie value pointer and passes it to `strcmp` without verifying it is non-null, triggering a null pointer dereference [CWE-476] [ref_id=1]. This crashes the web server process, resulting in a denial of service. The attack requires no authentication and can be launched over the network from any host that can reach the device [ref_id=1].
Affected code
The vulnerability resides in the web server binary handling HTTP requests. When a GET request is made to `/MOXA_CFG.ini`, the code at address `0x0001B544` loads a pointer from `[R11,#s1]` (the cookie header value) and passes it directly to `strcmp` without a null check. If no cookie header is present, that pointer is nil, causing a null pointer dereference [ref_id=1].
What the fix does
The advisory does not include a patch diff, but the vendor released updated firmware on 2018-04-12 to address the issue [ref_id=1]. The fix would need to add a null-pointer check on the cookie header value before passing it to `strcmp`, so that when no Cookie header is present the server returns an appropriate error response instead of dereferencing a nil pointer [ref_id=1].
Preconditions
- authNo authentication required
- networkAttacker must be able to send HTTP requests to the device's web server
- inputThe HTTP request must omit the Cookie header
Reproduction
curl -v 192.168.127.254/MOXA_CFG.ini
Generated on May 25, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
1- www.talosintelligence.com/vulnerability_reports/TALOS-2017-0474mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.