Secure Router EDR-G903
by Moxa
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-3868 | Hig | 0.57 | — | 0.00 | Apr 27, 2026 | An improper handling of the length parameter inconsistency vulnerability has been identified in Moxa’s Secure Router. Because of improper validation of length parameters in the HTTPS management interface, an unauthenticated remote attacker could send specially crafted… | ||
| CVE-2016-0879 | Hig | 0.49 | 7.5 | 0.02 | May 31, 2016 | Moxa Secure Router EDR-G903 devices before 3.4.12 do not delete copies of configuration and log files after completing the import function, which allows remote attackers to obtain sensitive information by requesting these files at an unspecified URL. | ||
| CVE-2016-0878 | Hig | 0.49 | 7.5 | 0.02 | May 31, 2016 | Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to cause a denial of service (cold start) by sending two crafted ping requests. | ||
| CVE-2016-0876 | Hig | 0.49 | 7.5 | 0.01 | May 31, 2016 | Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to discover cleartext passwords by reading a configuration file. | ||
| CVE-2016-0875 | Hig | 0.49 | 7.5 | 0.02 | May 31, 2016 | Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to read configuration and log files via a crafted URL. | ||
| CVE-2026-3867 | Med | 0.39 | — | 0.00 | Apr 27, 2026 | An improper ownership management vulnerability has been identified in Moxa’s Secure Router. Because of improper ownership management, a low-privileged authenticated user may access a configuration file containing the hashed password of the administrative account. Successful… | ||
| CVE-2012-4712 | 0.00 | — | 0.02 | Feb 15, 2013 | Moxa EDR-G903 series routers with firmware before 2.11 have a hardcoded account, which allows remote attackers to obtain unspecified device access via unknown vectors. |
- risk 0.57cvss —epss 0.00
An improper handling of the length parameter inconsistency vulnerability has been identified in Moxa’s Secure Router. Because of improper validation of length parameters in the HTTPS management interface, an unauthenticated remote attacker could send specially crafted…
- risk 0.49cvss 7.5epss 0.02
Moxa Secure Router EDR-G903 devices before 3.4.12 do not delete copies of configuration and log files after completing the import function, which allows remote attackers to obtain sensitive information by requesting these files at an unspecified URL.
- risk 0.49cvss 7.5epss 0.02
Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to cause a denial of service (cold start) by sending two crafted ping requests.
- risk 0.49cvss 7.5epss 0.01
Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to discover cleartext passwords by reading a configuration file.
- risk 0.49cvss 7.5epss 0.02
Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to read configuration and log files via a crafted URL.
- risk 0.39cvss —epss 0.00
An improper ownership management vulnerability has been identified in Moxa’s Secure Router. Because of improper ownership management, a low-privileged authenticated user may access a configuration file containing the hashed password of the administrative account. Successful…
- CVE-2012-4712Feb 15, 2013risk 0.00cvss —epss 0.02
Moxa EDR-G903 series routers with firmware before 2.11 have a hardcoded account, which allows remote attackers to obtain unspecified device access via unknown vectors.