Moxa EDR-810 Web Server strcmp Denial of Service (CVE-2017-14435)

An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET request to /MOXA\CFG.ini without a cookie header ...

CVE-2017-14435

CVE-2017-14435 affects Moxa EDR-810 Web Server on version 4.1 build 17030317. A null pointer dereference in the web server can be triggered by a crafted HTTP URI, specifically by sending a GET to /MOXA_CFG.ini (and related endpoints such as /MOXA_LOG.ini or /MOXA_CFG2.ini) without a cookie header...

Moxa EDR-810 Web Server strcmp Multiple Denial of Service Vulnerabilities(CVE-2017-14435 - CVE-2017-14437)

Summary An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET request to "/MOXALOG.ini, /MOXACFG.ini, o...

Moxa EDR-810 Web Server strcmp Multiple Denial of Service Vulnerabilities

Summary An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET request to “/MOXALOG.ini, /MOXACFG.ini, o...