Lucene search
K

PT-2025-42580

🗓️ 17 Oct 2025 00:00:00Reported by Positive TechnologiesType 
ptsecurity
 ptsecurity
🔗 dbugs.ptsecurity.com👁 3 Views

Moxa devices sign tokens with a hard coded secret, enabling token forgery and authentication bypass leading to full compromise.

Related
Refs
ReporterTitlePublishedViews
Family
BDU FSTEC
The vulnerability of the application software interface of Moxa network devices of the EDR-G9010, EDR-8010, EDF-G1002-BP, TN-4900, NAT-102, NAT-108, and OnCell G4302-LTE4 series lies in the use of rigidly encoded credentials. This allows a malicious individual to gain full access to the device.
20 Oct 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of Moxa’s network device software, related to errors in privilege management, allows a hacker to gain full control over the device.
21 Oct 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of Moxa’s network device software-related microprogramming systems, related to errors in privilege management, allows attackers to escalate their privileges.
21 Oct 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of Moxa network device software of the EDR-G9010, EDR-8010, EDF-G1002-BP, TN-4900, NAT-102, NAT-108, and OnCell G4302-LTE4 series is related to deficiencies in authentication mechanisms. This allows unauthorized individuals to gain access to protected information.
21 Oct 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of Moxa network device software of the EDR-G9010, EDR-8010, EDF-G1002-BP, TN-4900, NAT-102, NAT-108, and OnCell G4302-LTE4 series is related to errors in privilege management. This vulnerability allows attackers to compromise the confidentiality and accessibility of protected information.
21 Oct 202500:00
bdu_fstec
Circl
CVE-2025-6892
17 Oct 202513:34
circl
Circl
CVE-2025-6893
17 Oct 202510:34
circl
Circl
CVE-2025-6894
17 Oct 202513:34
circl
Circl
CVE-2025-6949
17 Oct 202509:04
circl
Circl
CVE-2025-6950
17 Oct 202507:34
circl
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

25 Nov 2025 00:00Current
6.3Medium risk
Vulners AI Score6.3
CVSS 210
CVSS 49.9
EPSS0.00658
SSVC
3