CVE-2025-6950

🗓️ 17 Oct 2025 03:19:48Reported by MoxaType

Hard coded credentials in Moxa devices allow forging JSON Web Tokens to bypass authentication and take full control.

Reporter	Title	Published	Views	Family All 15
Circl	CVE-2025-6950	17 Oct 202507:34	–	circl
CNNVD	Moxa多款产品安全漏洞	17 Oct 202500:00	–	cnnvd
Cvelist	CVE-2025-6950	17 Oct 202503:19	–	cvelist
EUVD	EUVD-2025-34847	17 Oct 202502:25	–	euvd
EUVD	EUVD-2025-34848	17 Oct 202502:17	–	euvd
EUVD	EUVD-2025-34849	17 Oct 202502:07	–	euvd
EUVD	EUVD-2025-34856	17 Oct 202503:19	–	euvd
EUVD	EUVD-2025-34857	17 Oct 202503:12	–	euvd
NCSC	Vulnerabilities fixed in Moxa's network security devices	20 Oct 202513:03	–	ncsc
NVD	CVE-2025-6950	17 Oct 202504:16	–	nvd

[
  {
    "defaultStatus": "unaffected",
    "product": "EDR-G9010 Series",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "3.14",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      },
      {
        "status": "unaffected",
        "version": "3.21",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "EDR-8010 Series",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "3.17",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      },
      {
        "status": "unaffected",
        "version": "3.21",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "EDF-G1002-BP Series",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "3.17",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      },
      {
        "status": "unaffected",
        "version": "3.21",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "TN-4900 Series",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "3.14",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      },
      {
        "status": "unaffected",
        "version": "3.21",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "NAT-102 Series",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "3.17",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      },
      {
        "status": "unaffected",
        "version": "3.21",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "NAT-108 Series",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "3.16",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      },
      {
        "status": "unaffected",
        "version": "3.21",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "OnCell G4302-LTE4 Series",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "3.13",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      },
      {
        "status": "unaffected",
        "version": "3.21.0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
moxa	www.moxa.com/en/support/product-support/security-advisory/mpsa-258121-cve-2025-6892,-cve-2025-6893,-cve-2025-6894,-cve-2025-6949,-cve-2025-6950-multiple-vulnerabilities-in-netwo

15 Apr 2026 00:35Current

6.8Medium risk

Vulners AI Score6.8

CVSS 49.9

EPSS0.0029

SSVC

CWE-798