CVE-2012-4694

Name of the Vulnerable Software and Affected Versions Moxa EDR-G903 series routers versions prior to 2.11

Description The issue concerns the insufficient source of entropy used for generating SSH and SSL keys. This weakness can be exploited by man-in-the-middle attackers to spoof a device or modify a client-server data stream, especially if they have knowledge of a key from another product installation.

Recommendations For versions prior to 2.11, update the firmware to version 2.11 or later to address the issue with insufficient entropy for SSH and SSL keys.