Eds-G516E Firmware Security Vulnerabilities
On Moxa EDS-G508E, EDS-G512E, and EDS-G516E devices (with firmware through 6.0), denial of service can occur via PROFINET DCE-RPC endpoint discovery packets.
7.5CVSS
7.5AI Score
0.001EPSS
In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the affected products use a hard-coded cryptographic key, increasing the possibility that confidential data can be recovered.
7.5CVSS
7.5AI Score
0.002EPSS
In Moxa EDS-G516E Series firmware, Version 5.2 or lower, an attacker may gain access to the system without proper authentication.
9.8CVSS
9.4AI Score
0.002EPSS
In Moxa EDS-G516E Series firmware, Version 5.2 or lower, weak password requirements may allow an attacker to gain access using brute force.
9.8CVSS
9.6AI Score
0.002EPSS
In Moxa EDS-G516E Series firmware, Version 5.2 or lower, sensitive information is transmitted over some web applications in cleartext.
7.5CVSS
7.3AI Score
0.002EPSS
In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential information to be disclosed.
7.5CVSS
7.3AI Score
0.002EPSS
In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the attacker may execute arbitrary codes or target the device, causing it to go out of service.
9.8CVSS
9.6AI Score
0.003EPSS