cve/2019/CVE-2019-10969.md

### [CVE-2019-10969](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10969)
![](https://img.shields.io/static/v1?label=Product&message=Moxa%20EDR%20810&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=IMPROPER%20INPUT%20VALIDATION%20CWE-20&color=brighgreen)

### Description

Moxa EDR 810, all versions 5.1 and prior, allows an authenticated attacker to abuse the ping feature to execute unauthorized commands on the router, which may allow an attacker to perform remote code execution.

### POC

#### Reference
- http://packetstormsecurity.com/files/154943/Moxa-EDR-810-Command-Injection-Information-Disclosure.html

#### Github
- https://github.com/ARPSyndicate/cvemon
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2019-10969](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10969)`
			`![](https://img.shields.io/static/v1?label=Product&message=Moxa%20EDR%20810&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=IMPROPER%20INPUT%20VALIDATION%20CWE-20&color=brighgreen)`

			`### Description`

			`Moxa EDR 810, all versions 5.1 and prior, allows an authenticated attacker to abuse the ping feature to execute unauthorized commands on the router, which may allow an attacker to perform remote code execution.`

			`### POC`

			`#### Reference`
			`- http://packetstormsecurity.com/files/154943/Moxa-EDR-810-Command-Injection-Information-Disclosure.html`

			`#### Github`
			`- https://github.com/ARPSyndicate/cvemon`