CNNVD-202510-2424 Information
CNNVD ID
CNNVD-202510-2424
Related CVE
- CNNVD Published: 2025-10-17
Description (Chinese)
MOXA EDF-G1002-BP Series等都是中国摩莎(MOXA)公司的产品。MOXA EDF-G1002-BP Series是一系列高度集成的工业多端口安全路由器。MOXA EDR-8010 Series是一系列工业级安全路由器。Moxa EDR-G9010 Series等都是中国台湾Moxa公司的产品。Moxa EDR-G9010 Series是一系列安全路由器。 Moxa多款产品存在安全漏洞,该漏洞源于API授权缺陷,可能导致低权限用户创建管理员账户,进而获得设备完全控制权。以下产品受到影响:EDR-G9010 Series、EDR-8010 Series、EDF-G1002-BP Series、TN-4900 Series、NAT-102 Series、NAT-108 Series和OnCell G4302-LTE4 Series。
Description (English)
MOXA EDF-G1002-BP Series, etc., are products of Moosa China. MOXA EDF-G1002-BP Series is a series of highly integrated industrial multiple-end routers. MOXA EDR-8010 Series is a series of industrial safety routers. Moxa EDR-G9010 Series, among others, is a product of Taiwan, Taiwan, China. Moxa EDR-G9010 Series is a series of secure routers. There is a security loophole in Moxa ’ s multiple products, which stems from API ’ s authorized deficiencies, which may lead low-authority users to create administrator accounts and thus to full control of the equipment. The following products were affected: EDR-G9010 Series, EDR-8010 Series, EDF-G1002-BP Series, TN-4900 Series, NAT-102 Series, NAT-108 Series and OnCell G4302-LTE4 Series.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
摩莎
Published
2025-10-17
Last Modified
2026-02-24
References
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-258121-cve-2025-6892 https://access.redhat.com/security/cve/cve-2025-6949