CNNVD-202510-2417 Information
CNNVD ID
CNNVD-202510-2417
Related CVE
- CNNVD Published: 2025-10-17
Description (Chinese)
MOXA EDF-G1002-BP Series等都是中国摩莎(MOXA)公司的产品。MOXA EDF-G1002-BP Series是一系列工业级局域网(LAN)防火墙。Moxa EDR-8010 Series等都是中国台湾Moxa公司的产品。Moxa EDR-8010 Series是一系列安全路由器。Moxa EDR-G9010 Series是一系列安全路由器。 Moxa多款产品存在安全漏洞,该漏洞源于API授权逻辑缺陷,可能导致低权限用户执行高权限功能,造成内部网络侦察和资源消耗。以下产品受到影响:EDR-G9010 Series、EDR-8010 Series、EDF-G1002-BP Series、TN-4900 Series、NAT-102 Series、NAT-108 Series和OnCell G4302-LTE4 Series。
Description (English)
MOXA EDF-G1002-BP Series, etc., are products of Moosa China. MOXA EDF-G1002-BP Series is a series of industrial local area network (LAN) firewalls. Moxa EDR-8010 Series, among others, is a product of Moxa, Taiwan, China. Moxa EDR-8010 Series is a series of secure routers. Moxa EDR-G9010 Series is a series of secure routers. There is a security loophole in Moxa ’ s multiple products, which stems from the API ’ s authorized logic deficiencies, which may result in low-authorization users performing high-authority functions, resulting in internal network surveillance and resource consumption. The following products were affected: EDR-G9010 Series, EDR-8010 Series, EDF-G1002-BP Series, TN-4900 Series, NAT-102 Series, NAT-108 Series and OnCell G4302-LTE4 Series.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
摩莎
Published
2025-10-17
Last Modified
2026-02-24
References
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-258121-cve-2025-6892 https://access.redhat.com/security/cve/cve-2025-6894