Description
An improper handling of the length parameter inconsistency vulnerability has been identified in Moxa’s Secure Router. Because of improper validation of length parameters in the HTTPS management interface, an unauthenticated remote attacker could send specially crafted requests that trigger a buffer overflow condition, causing the web service to become unresponsive. Successful exploitation may result in a denial-of-service condition requiring a device reboot to restore normal operation. While successful exploitation can severely impact the availability of the affected device, no impact to the confidentiality or integrity of the affected product has been identified. Additionally, no confidentiality, integrity, or availability impact to the subsequent system has been identified.
Published: 2026-04-27
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Immediate Patch
AI Analysis

Impact

The vulnerability is an improper validation of length parameters in the HTTPS management interface of Moxa’s Secure Router. This flaw allows an unauthenticated remote attacker to send specially crafted requests that trigger a buffer overflow. The overflow causes the web service to become unresponsive, leading to a denial‑of‑service condition that requires a device reboot to recover. No confidentiality or integrity impact has been identified; the issue solely affects availability.

Affected Systems

The affected devices are Moxa EDR‑8010 Series and EDR‑G9010 Series routers running firmware version 3.24. Updating the router firmware or applying an official patch from Moxa is required to eliminate the vulnerability.

Risk and Exploitability

The CVSS score of 8.7 classifies this flaw as high severity, while the EPSS score of less than 1% indicates a low probability of exploitation at present. The flaw is not listed in the CISA KEV catalog. Successful exploitation requires no authentication and can be performed over the HTTPS management interface, which is typically exposed on the network. Therefore, the attack vector is an unauthenticated remote HTTPS request that must reach the management service.

Generated by OpenCVE AI on April 28, 2026 at 19:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply Moxa’s firmware update or patch that resolves the improper length parameter validation in the HTTPS management interface of the EDR‑8010 and EDR‑G9010 series.
  • Configure the device’s firewall or access control lists to limit HTTPS management traffic to a trusted network segment or specific IP addresses, reducing the exposed attack surface.
  • Set up monitoring and alerting for sudden web service crashes or restarts on the routers, and ensure that a recovery procedure such as automatic reboot or fail‑over is in place to restore availability quickly.

Generated by OpenCVE AI on April 28, 2026 at 19:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 28 Apr 2026 20:15:00 +0000

Type Values Removed Values Added
Title Improper Length Parameter Validation Causing Buffer Overflow and DoS in Moxa Secure Router

Mon, 27 Apr 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 27 Apr 2026 04:15:00 +0000

Type Values Removed Values Added
Description An improper handling of the length parameter inconsistency vulnerability has been identified in Moxa’s Secure Router. Because of improper validation of length parameters in the HTTPS management interface, an unauthenticated remote attacker could send specially crafted requests that trigger a buffer overflow condition, causing the web service to become unresponsive. Successful exploitation may result in a denial-of-service condition requiring a device reboot to restore normal operation. While successful exploitation can severely impact the availability of the affected device, no impact to the confidentiality or integrity of the affected product has been identified. Additionally, no confidentiality, integrity, or availability impact to the subsequent system has been identified.
First Time appeared Moxa
Moxa edr-8010 Series
Moxa edr-g9010 Series
Weaknesses CWE-130
CPEs cpe:2.3:a:moxa:edr-8010_series:*:*:*:*:*:*:*:*
cpe:2.3:a:moxa:edr-8010_series:3.24:*:*:*:*:*:*:*
cpe:2.3:a:moxa:edr-g9010_series:*:*:*:*:*:*:*:*
cpe:2.3:a:moxa:edr-g9010_series:3.24:*:*:*:*:*:*:*
Vendors & Products Moxa
Moxa edr-8010 Series
Moxa edr-g9010 Series
References
Metrics cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Moxa Edr-8010 Series Edr-g9010 Series
cve-icon MITRE

Status: PUBLISHED

Assigner: Moxa

Published:

Updated: 2026-04-27T15:14:14.677Z

Reserved: 2026-03-10T07:56:29.470Z

Link: CVE-2026-3868

cve-icon Vulnrichment

Updated: 2026-04-27T15:14:09.753Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-27T04:16:09.090

Modified: 2026-04-27T18:57:20.293

Link: CVE-2026-3868

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T20:00:19Z

Weaknesses