VYPR

Secure Router EDR-G903

by Moxa

CVEs (7)

  • CVE-2026-3868HigApr 27, 2026
    risk 0.57cvss epss 0.00

    An improper handling of the length parameter inconsistency vulnerability has been identified in Moxa’s Secure Router. Because of improper validation of length parameters in the HTTPS management interface, an unauthenticated remote attacker could send specially crafted…

  • CVE-2016-0879HigMay 31, 2016
    risk 0.49cvss 7.5epss 0.02

    Moxa Secure Router EDR-G903 devices before 3.4.12 do not delete copies of configuration and log files after completing the import function, which allows remote attackers to obtain sensitive information by requesting these files at an unspecified URL.

  • CVE-2016-0878HigMay 31, 2016
    risk 0.49cvss 7.5epss 0.02

    Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to cause a denial of service (cold start) by sending two crafted ping requests.

  • CVE-2016-0876HigMay 31, 2016
    risk 0.49cvss 7.5epss 0.01

    Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to discover cleartext passwords by reading a configuration file.

  • CVE-2016-0875HigMay 31, 2016
    risk 0.49cvss 7.5epss 0.02

    Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to read configuration and log files via a crafted URL.

  • CVE-2026-3867MedApr 27, 2026
    risk 0.39cvss epss 0.00

    An improper ownership management vulnerability has been identified in Moxa’s Secure Router. Because of improper ownership management, a low-privileged authenticated user may access a configuration file containing the hashed password of the administrative account. Successful…

  • CVE-2012-4712Feb 15, 2013
    risk 0.00cvss epss 0.02

    Moxa EDR-G903 series routers with firmware before 2.11 have a hardcoded account, which allows remote attackers to obtain unspecified device access via unknown vectors.