CVE-2019-10969: Input Validation
First published: Tue Oct 08 2019(Updated: )
Moxa EDR 810, all versions 5.1 and prior, allows an authenticated attacker to abuse the ping feature to execute unauthorized commands on the router, which may allow an attacker to perform remote code execution.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Moxa Edr-810 Firmware | <=5.1 | |
| Moxa EDR-810 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-10969?
CVE-2019-10969 has a high severity rating due to its potential for remote code execution by an authenticated attacker.
How do I fix CVE-2019-10969?
To fix CVE-2019-10969, update the Moxa EDR 810 to a version later than 5.1.
What type of attack is possible with CVE-2019-10969?
CVE-2019-10969 allows an authenticated attacker to execute unauthorized commands on the router, potentially leading to remote code execution.
Which versions of Moxa EDR 810 are affected by CVE-2019-10969?
All versions of Moxa EDR 810 firmware up to and including version 5.1 are affected by CVE-2019-10969.
What is the exploitation impact of CVE-2019-10969?
The exploitation of CVE-2019-10969 can result in unauthorized command execution, compromising the integrity and availability of the affected device.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/weakness
- agent/tags
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/moxa
- canonical/moxa edr-810 firmware
- version/moxa edr-810 firmware/5.1
- canonical/moxa edr-810