CVE-2017-14437
Description
An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET request to "/MOXA_LOG.ini" without a cookie header to trigger this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A null pointer dereference in Moxa EDR-810 V4.1 build 17030317 web server causes a denial of service via a GET request without a cookie header.
Vulnerability
A null pointer dereference vulnerability exists in the web server of Moxa EDR-810 V4.1 build 17030317. When an HTTP GET request for /MOXA_LOG.ini (or /MOXA_CFG.ini or /MOXA_CFG2.ini) arrives without a Cookie header, the server passes the NULL cookie pointer to strcmp and crashes. The root cause is that the request handler never checks whether a Cookie header was present before using the pointer derived from it. Affected version: EDR-810 V4.1 build 17030317 [1].
Exploitation
An attacker can exploit this vulnerability remotely without authentication. The only requirement is network access to the device's web server. The attacker sends a GET request to /MOXA_LOG.ini, /MOXA_CFG.ini, or /MOXA_CFG2.ini without including a Cookie header. The proof-of-concept uses curl to send such a request [1].
Impact
Successful exploitation causes a null pointer dereference, leading to a crash of the web server process. This results in a denial of service (DoS) condition, rendering the device's web management interface unavailable. The impact is limited to availability; no data confidentiality or integrity is compromised [1].
Mitigation
No patch is linked on this page; according to the Talos advisory, the vendor released updated firmware on April 12, 2018 [1]. Devices still running V4.1 build 17030317 should have web-management access restricted to trusted hosts (for example via firewall rules or a dedicated management network) until they are updated. The vulnerability is not listed on CISA's Known Exploited Vulnerabilities (KEV) catalog.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
Moxa EDR-810 V4.1 build 17030317 (source: Talos [1])
Patches
No patches discovered yet.
Vulnerability mechanics
Root cause
"Missing NULL-pointer check before passing the cookie-derived pointer to strcmp causes a null pointer dereference."
Attack vector
An unauthenticated attacker sends a GET request to the URI "/MOXA_LOG.ini" (or "/MOXA_CFG.ini" or "/MOXA_CFG2.ini") without including a Cookie header [ref_id=1]. The web server's request handler reads the cookie value into a pointer that remains NULL when the header is absent, then passes that NULL pointer to `strcmp`, causing a null pointer dereference [CWE-476]. This crashes the web server process, resulting in a denial of service. The attack requires no authentication and can be launched over the network from any host that can reach the device [ref_id=1].
Affected code
The vulnerability resides in the web server binary of Moxa EDR-810 V4.1 build 17030317. At addresses 0x1B574 to 0x1B57C, the code loads the pointer s1 from [R11,#s1] into R0 and passes it straight to `strcmp`, which is reached when the request targets "/MOXA_LOG.ini". s1 is NULL when no Cookie header is present, so `strcmp` dereferences NULL [ref_id=1].
What the fix does
The advisory does not include a patch diff, but the vendor released updated firmware on April 12, 2018 [ref_id=1]. The fix would need to add a NULL check on the cookie-derived pointer before passing it to `strcmp`, or ensure the pointer is initialized to a safe default value when the Cookie header is absent. Without the actual patch, the exact remediation cannot be confirmed from the available information.
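The vulnerable and hardened request-handler shapes that the root cause describes, as an added C example written for this page (not code from the EDR-810 firmware or from the Talos advisory). The sample requests, the session token `session=abc123`, the header parser and the returned status codes are constructed assumptions; only the three URIs, the cookie pointer being NULL when the header is absent, and the missing check before `strcmp` come from the advisory. The hardened handler also matches the header name case-insensitively, as HTTP requires, so a lowercase `cookie:` header is not mistaken for a missing one.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample requests; not traffic captured from a real EDR-810. */
static const char REQ_WITH_COOKIE[] =
    "GET /MOXA_LOG.ini HTTP/1.1\r\n"
    "Host: 192.168.127.254\r\n"
    "cookie: session=abc123\r\n"   /* lowercase name: header names are case-insensitive */
    "\r\n";
static const char REQ_NO_COOKIE[] =
    "GET /MOXA_CFG.ini HTTP/1.1\r\n"
    "Host: 192.168.127.254\r\n"
    "\r\n";

/* The three URIs the advisory names as reaching the cookie comparison. */
static const char *const PROTECTED_URIS[] = { "/MOXA_LOG.ini", "/MOXA_CFG.ini", "/MOXA_CFG2.ini" };

/* Hypothetical session value; stands in for whatever the firmware compares the cookie against. */
#define EXPECTED_SESSION "session=abc123"

/* ASCII case-insensitive comparison of the first n bytes; stops at the first mismatch. */
static int eq_ci(const char *a, const char *b, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i])) return 0;
    return 1;
}

/* Copy the request-target from "GET <uri> HTTP/1.1" into out. Returns 0 on success, -1 if malformed. */
static int request_uri(const char *req, char *out, size_t outlen) {
    const char *sp = strchr(req, ' ');
    if (!sp) return -1;
    const char *start = sp + 1;
    const char *end = strchr(start, ' ');
    if (!end) return -1;
    size_t n = (size_t)(end - start);
    if (n >= outlen) return -1;
    memcpy(out, start, n);
    out[n] = '\0';
    return 0;
}

/* Find header `name` and copy its value into out. Returns out, or NULL when the header is
 * absent: the same "NULL when no Cookie header" condition the advisory describes. */
static const char *header_value(const char *req, const char *name, char *out, size_t outlen) {
    size_t namelen = strlen(name);
    const char *line = strstr(req, "\r\n");
    while (line) {
        line += 2;
        if (line[0] == '\r' || line[0] == '\0') break;          /* end of header block */
        if (eq_ci(line, name, namelen) && line[namelen] == ':') {
            const char *v = line + namelen + 1;
            while (*v == ' ' || *v == '\t') v++;
            const char *eol = strstr(v, "\r\n");
            size_t n = eol ? (size_t)(eol - v) : strlen(v);
            if (n >= outlen) n = outlen - 1;
            memcpy(out, v, n);
            out[n] = '\0';
            return out;
        }
        line = strstr(line, "\r\n");
    }
    return NULL;
}

static int is_protected_uri(const char *uri) {
    for (size_t i = 0; i < sizeof PROTECTED_URIS / sizeof PROTECTED_URIS[0]; i++)
        if (strcmp(uri, PROTECTED_URIS[i]) == 0) return 1;
    return 0;
}

/* Vulnerable shape, as the advisory describes it: the cookie pointer goes straight to strcmp.
 * With REQ_NO_COOKIE, `cookie` is NULL and strcmp dereferences it (CWE-476), crashing the
 * process. Never call this with a cookieless request. */
static int handle_vulnerable(const char *req) {
    char uri[64], cbuf[128];
    if (request_uri(req, uri, sizeof uri) != 0) return 400;
    if (!is_protected_uri(uri)) return 404;
    const char *cookie = header_value(req, "Cookie", cbuf, sizeof cbuf);
    if (strcmp(cookie, EXPECTED_SESSION) == 0)    /* NULL dereference when header absent */
        return 200;
    return 403;
}

/* Hardened shape: the NULL check the root cause says is missing. */
static int handle_hardened(const char *req) {
    char uri[64], cbuf[128];
    if (request_uri(req, uri, sizeof uri) != 0) return 400;
    if (!is_protected_uri(uri)) return 404;
    const char *cookie = header_value(req, "Cookie", cbuf, sizeof cbuf);
    if (cookie == NULL) return 401;               /* no Cookie header: reject, never dereference */
    if (strcmp(cookie, EXPECTED_SESSION) == 0) return 200;
    return 403;
}

int main(void) {
    printf("hardened, with cookie:    %d\n", handle_hardened(REQ_WITH_COOKIE));
    printf("hardened, without cookie: %d\n", handle_hardened(REQ_NO_COOKIE));
    printf("vulnerable, with cookie:  %d\n", handle_vulnerable(REQ_WITH_COOKIE));
    /* handle_vulnerable(REQ_NO_COOKIE) would crash the process: that is the DoS. */
    return 0;
}
```

The only difference between the two handlers is the single `cookie == NULL` test; everything else, including the parser that yields NULL for a missing header, is shared, which is the point: the parser's NULL return is a legitimate signal, and the defect is a caller that does not act on it.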
Preconditions
- auth: No authentication required
- network: Attacker must be able to send HTTP GET requests to the device's web server
- input: Request must target /MOXA_LOG.ini (or /MOXA_CFG.ini or /MOXA_CFG2.ini)
- input: Request must omit the Cookie header entirely
Reproduction
Send a GET request to the target device without a Cookie header: `curl -v 192.168.127.254/MOXA_LOG.ini` (or replace the path with `/MOXA_CFG.ini` or `/MOXA_CFG2.ini`) [ref_id=1]. curl sends no Cookie header unless one is supplied with `-b` or `-H`, so the plain command satisfies the precondition. The web server crashes on receiving the request, after which the management interface stops responding.
Generated on May 25, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
1. www.talosintelligence.com/vulnerability_reports/TALOS-2017-0474
News mentions
No linked articles in our index yet.