EUVD-2025-34848

🗓️ 17 Oct 2025 02:17:07Reported by EUVDType

Moxa devices have a broken access control flaw; a low-privilege user can modify system settings via /api/v1/setting/data.

Reporter	Title	Published	Views	Family All 42
Circl	CVE-2025-6892	17 Oct 202513:34	–	circl
Circl	CVE-2025-6893	17 Oct 202510:34	–	circl
Circl	CVE-2025-6894	17 Oct 202513:34	–	circl
Circl	CVE-2025-6949	17 Oct 202509:04	–	circl
Circl	CVE-2025-6950	17 Oct 202507:34	–	circl
CNNVD	Moxa多款产品安全漏洞	17 Oct 202500:00	–	cnnvd
CNNVD	Moxa多款产品安全漏洞	17 Oct 202500:00	–	cnnvd
CNNVD	Moxa多款产品安全漏洞	17 Oct 202500:00	–	cnnvd
CNNVD	Moxa多款产品安全漏洞	17 Oct 202500:00	–	cnnvd
CNNVD	Moxa多款产品安全漏洞	17 Oct 202500:00	–	cnnvd

[
  {
    "enisaIdVendor": [
      {
        "id": "fb3ea3a9-0470-3353-a1fa-61a1ad3bc40e",
        "vendor": {
          "name": "Moxa"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "0362a232-8a41-346a-87f0-d132e1ab72b9",
        "product": {
          "name": "EDR-G9010 Series"
        },
        "product_version": ""
      },
      {
        "id": "060b078d-9ffe-3f1b-acec-3e4ce9524ed9",
        "product": {
          "name": "TN-4900 Series"
        },
        "product_version": ""
      },
      {
        "id": "0a98f24d-5311-3ab4-99d6-d550dacad4eb",
        "product": {
          "name": "EDF-G1002-BP Series"
        },
        "product_version": ""
      },
      {
        "id": "14a2baab-3adb-3907-b6ef-6b8f87adf656",
        "product": {
          "name": "NAT-102 Series"
        },
        "product_version": ""
      },
      {
        "id": "1e549f24-a4a2-3737-a603-b94ecbb65f8d",
        "product": {
          "name": "NAT-108 Series"
        },
        "product_version": ""
      },
      {
        "id": "607c4623-b057-34f7-8520-936dfcc8c876",
        "product": {
          "name": "NAT-108 Series"
        },
        "product_version": "1.0 ≤3.16"
      },
      {
        "id": "6e445ac0-2664-3040-a10d-6920bec4de8b",
        "product": {
          "name": "NAT-102 Series"
        },
        "product_version": "1.0 ≤3.17"
      },
      {
        "id": "7a910cd0-1ef0-359f-9b2c-07d389a6a4fa",
        "product": {
          "name": "EDR-G9010 Series"
        },
        "product_version": "1.0 ≤3.14"
      },
      {
        "id": "7bd5020e-f796-34ea-92e9-705d33a88341",
        "product": {
          "name": "EDR-8010 Series"
        },
        "product_version": ""
      },
      {
        "id": "87b75a25-74bc-32c9-a069-c29eb72f0718",
        "product": {
          "name": "TN-4900 Series"
        },
        "product_version": "1.0 ≤3.14"
      },
      {
        "id": "90c1d9e5-a4d1-358c-862f-9c7a7d2ac825",
        "product": {
          "name": "EDR-8010 Series"
        },
        "product_version": "1.0 ≤3.17"
      },
      {
        "id": "9d01454c-4722-3d87-840b-3c7531f2c324",
        "product": {
          "name": "EDF-G1002-BP Series"
        },
        "product_version": "1.0 ≤3.17"
      },
      {
        "id": "bb8d07de-fbd2-31aa-8521-a52708dda0af",
        "product": {
          "name": "OnCell G4302-LTE4 Series"
        },
        "product_version": ""
      },
      {
        "id": "eccde4aa-5732-3522-859f-1822c6589c77",
        "product": {
          "name": "OnCell G4302-LTE4 Series"
        },
        "product_version": "1.0 ≤3.13"
      }
    ]
  }
]

Source	Link
moxa	www.moxa.com/en/support/product-support/security-advisory/mpsa-258121-cve-2025-6892,-cve-2025-6893,-cve-2025-6894,-cve-2025-6949,-cve-2025-6950-multiple-vulnerabilities-in-netwo
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-6893

17 Oct 2025 13:45Current

6Medium risk

Vulners AI Score6

CVSS 49.3 - 9.9

EPSS0.0029

SSVC