Description
An improper ownership management vulnerability has been identified in Moxa’s Secure Router. Because of improper ownership management, a low-privileged authenticated user may access a configuration file containing the hashed password of the administrative account. Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information. Exploitation is only possible under a specific condition — when the configuration file has been exported. This vulnerability does not impact the integrity or availability of the affected product, and no confidentiality, integrity, or availability impact to the subsequent system has been identified.
Published: 2026-04-27
Score: 6 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Data Exposure (Admin Password Hash)
Action: Apply Patch
AI Analysis

Impact

An improper ownership management issue in Moxa Secure Router allows a low‑privileged authenticated user to read a configuration file that contains the hashed password of the administrative account. The vulnerability results in confidentiality loss; the attacker can obtain sensitive authentication material. Integrity and availability are not affected.

Affected Systems

The affected vendors are Moxa, specifically the EDR‑8010 Series and EDR‑9010 Series routers. No version information is supplied by the CNA; users should verify whether their device firmware matches the published vulnerable series.

Risk and Exploitability

The CVSS score of 6 indicates moderate risk. EPSS is reported as less than 1 %, implying a very low probability of exploitation in the wild, and the vulnerability is not listed in CISA KEV. Exploitation is only possible when the configuration file has been exported, a condition that limits the attack surface.

Generated by OpenCVE AI on April 28, 2026 at 04:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to the latest merchant firmware that implements correct ownership checks
  • Disable configuration export functionality or restrict it to privileged users only
  • Apply file‑system access controls to prevent low‑privileged users from reading /etc/edr.conf or equivalent configuration files

Generated by OpenCVE AI on April 28, 2026 at 04:52 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 28 Apr 2026 05:15:00 +0000

Type Values Removed Values Added
Title Improper Ownership Management Permits Low‑Privilege Access to Admin Password Hash

Mon, 27 Apr 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 27 Apr 2026 04:15:00 +0000

Type Values Removed Values Added
Description An improper ownership management vulnerability has been identified in Moxa’s Secure Router. Because of improper ownership management, a low-privileged authenticated user may access a configuration file containing the hashed password of the administrative account. Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information. Exploitation is only possible under a specific condition — when the configuration file has been exported. This vulnerability does not impact the integrity or availability of the affected product, and no confidentiality, integrity, or availability impact to the subsequent system has been identified.
First Time appeared Moxa
Moxa edr-8010 Series
Moxa edr-g9010 Series
Weaknesses CWE-282
CPEs cpe:2.3:a:moxa:edr-8010_series:*:*:*:*:*:*:*:*
cpe:2.3:a:moxa:edr-8010_series:3.24:*:*:*:*:*:*:*
cpe:2.3:a:moxa:edr-g9010_series:*:*:*:*:*:*:*:*
cpe:2.3:a:moxa:edr-g9010_series:3.24:*:*:*:*:*:*:*
Vendors & Products Moxa
Moxa edr-8010 Series
Moxa edr-g9010 Series
References
Metrics cvssV4_0

{'score': 6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

Moxa Edr-8010 Series Edr-g9010 Series
cve-icon MITRE

Status: PUBLISHED

Assigner: Moxa

Published:

Updated: 2026-04-27T15:14:35.199Z

Reserved: 2026-03-10T07:56:27.311Z

Link: CVE-2026-3867

cve-icon Vulnrichment

Updated: 2026-04-27T15:14:31.747Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-27T04:16:04.937

Modified: 2026-04-27T18:57:20.293

Link: CVE-2026-3867

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T05:00:14Z

Weaknesses