CVE-2024-0387
Published Feb 26, 2024
Last updated 18 days ago
Overview
- Description
- The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the target. An attacker can bypass access controls or hide the source of malicious requests.
- Source
- psirt@moxa.com
- NVD status
- Awaiting Analysis
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Secondary
- Base score
- 6.5
- Impact score
- 3.7
- Exploitability score
- 2.3
- Vector string
- CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
- Severity
- MEDIUM
Weaknesses
- psirt@moxa.com
- CWE-1188