CVE-2023-4452— Web Server Buffer Overflow Vulnerability
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2023-4452
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Web Server Buffer Overflow Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability has been identified in the EDR-810, EDR-G902, and EDR-G903 Series, making them vulnerable to the denial-of-service vulnerability. This vulnerability stems from insufficient input validation in the URI, potentially enabling malicious users to trigger the device reboot.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Moxa EDR-810,EDR-G902,EDR-G903系列 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
MOXA Moxa EDR-810等都是中国摩莎(MOXA)公司的产品。Moxa EDR-810是一款安全路由器。Moxa EDR-G903是一款集防火墙/NAT/VPN 于一体的工业安全路由器设备。Moxa EDR-G902是一款集防火墙/NAT/VPN 于一体的工业安全路由器设备。 Moxa EDR-810,EDR-G902,EDR-G903系列存在安全漏洞,该漏洞源于URI中的输入验证不足,导致存在拒绝服务(DOS)漏洞。受影响的产品和版本:Moxa EDR-810系列 v5.12.28及之前版本,
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Moxa | EDR-810 Series | 1.0 ~ 5.12.28 | - | |
| Moxa | EDR G902 Series | 1.0 ~ 5.7.20 | - | |
| Moxa | EDR G903 Series | 1.0 ~ 5.7.20 | - |
II. Public POCs for CVE-2023-4452
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2023-4452
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same weakness: CWE-120
- CVE-2018-25328
VX Search 10.6.18 Local Buffer Overflow via Directory Field - CVE-2018-25323
Allok AVI DivX MPEG to DVD Converter 2.6.1217 Buffer Overflo - CVE-2020-37234
Internet Download Manager 6.38.12 Scheduler Buffer Overflow - CVE-2025-29944
AMD Sensor Fusion Hub 驱动缓冲区溢出致系统崩溃 - CVE-2025-0045
AMD Secure Processor驱动输入验证漏洞致拒绝服务
V. Comments for CVE-2023-4452
No comments yet