Moxa Cellular Routers, Secure Routers, and Network Security Appliances OS Command Injection Vulnerability

Vulnerability

A critical OS command injection vulnerability has been identified in Moxa's cellular routers, secure routers, and network security appliances. This vulnerability arises from improperly restricted commands, allowing attackers to inject special characters and execute arbitrary code on the device. The issue affects several product series, including the EDR-8010, EDR-G9004, EDR-G9010, EDF-G1002-BP, NAT-102, OnCell G4302-LTE4, and TN-4900 series, all running specific firmware versions or earlier.

Impact

Exploitation of this vulnerability could lead to unauthorized command execution, allowing attackers to execute arbitrary code on the affected device.

Remediation

Users are advised to upgrade to the latest firmware versions available for their specific product series. For the OnCell G4302-LTE4 Series, please contact Moxa Technical Support for the security patch.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 5.2
impact: 7.5
exploitability: 7.6
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.