Moxa Secure Router Information Leakage Vulnerability (CVE-2016-0879)
Moxa Secure Router Information Leakage Vulnerability (CVE-2016-0879)
Release date:
Updated on:
Affected Systems:
Moxa EDR-G903
Description:
CVE (CAN) ID: CVE-2016-0879
The Moxa EDR-G903 is a virtual private network server.
Moxa Secure Router EDR-G903 versions earlier than 3.4.12 do not delete the configuration and log files after the import function execution, there is a security vulnerability. Malicious users can request these files to obtain sensitive information.
<* Source: Maxim Rupp
Link: https://ics-cert.us-cert.gov/advisories/ICSA-16-042-01
*>
Suggestion:
Vendor patch:
Moxa
----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.moxa.com/support/request_support.aspx
This article permanently updates the link address: