Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the remoteNetmask0= parameter in the "/goform/net\_Web\_get_value" uri to trigger this vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Moxa EDR-810 命令注入漏洞
Vulnerability Description
Moxa EDR-810是摩莎(Moxa)公司的一款同时具有防火墙和VPN功能的的安全路由器。 Moxa EDR-810 4.1 build 17030317版本中的Web服务器功能存在命令注入漏洞。攻击者可通过发送特制的HTTP POST请求利用该漏洞提升权限。
CVSS Information
N/A
Vulnerability Type
N/A