PT-2018-5362 · Moxa · Moxa EDR-810
Published 2018-05-14 · Updated 2022-12-14 · CVE-2017-12121
CVSS v2.0: 9.0 (High)
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Moxa EDR-810 version 4.1 build 17030317
Description
A command injection vulnerability exists in the web server functionality of Moxa EDR-810 version 4.1 build 17030317. A specially crafted HTTP POST request causes a privilege escalation resulting in a root shell. An attacker can inject OS commands into the rsakey_name parameter of the "/goform/WebRSAKEYGen" API endpoint to trigger this issue. The CVSS vector (Au:S) indicates that the request must come from an authenticated session on the web interface; since the injected commands run as root, any account that can reach the key-generation function is enough to take full control of the device.
Recommendations
For Moxa EDR-810 version 4.1 build 17030317, consider disabling access to the "/goform/WebRSAKEYGen" API endpoint until a patch is available. Restrict who can reach the web management interface (for example, allow it only from a trusted management network) and limit the accounts permitted to use the RSA key generation function, since the injection requires an authenticated session. Monitor for POST requests to "/goform/WebRSAKEYGen" whose rsakey_name value contains shell metacharacters or is not a plain identifier. At the moment, there is no information about a newer version that contains a fix for this issue.
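The following is an added example, not code from this advisory or from Moxa. It shows two sides of the same check: is_safe_rsakey_name() is the kind of allowlist a fixed firmware would have to apply to rsakey_name before the value ever reaches a shell, and scan_requests() runs that same check as detection logic over constructed HTTP request records, flagging POSTs to /goform/WebRSAKEYGen whose rsakey_name carries shell metacharacters or is otherwise not a plain identifier. The request-record layout, the keysize parameter and the sample bodies are assumptions made for illustration.

```python
"""Triage helper for CVE-2017-12121 (Moxa EDR-810, /goform/WebRSAKEYGen).

Added example, not code from the advisory or from Moxa.
  1. is_safe_rsakey_name(): an assumed allowlist policy a fix would apply
     before passing rsakey_name to any shell (not Moxa's actual fix).
  2. scan_requests(): detection over constructed request records, flagging
     POSTs to the vulnerable endpoint whose rsakey_name fails that policy.
"""
import re
from urllib.parse import parse_qs, urlsplit

VULN_PATH = "/goform/WebRSAKEYGen"
PARAM = "rsakey_name"

# Assumed policy: a key name is a short identifier and nothing more.
# Anything matching this cannot carry ; | & ` $ newlines or quotes.
SAFE_NAME = re.compile(r"^[A-Za-z0-9_-]{1,32}$")

# Shell metacharacters named explicitly in findings for the analyst.
SHELL_META = re.compile(r"[;|&`$\n\r(){}<>\\'\"]")


def is_safe_rsakey_name(name: str) -> bool:
    """True only if the value is an allowed identifier (allowlist, not denylist)."""
    return bool(SAFE_NAME.fullmatch(name))


def scan_requests(records):
    """records: iterable of dicts with keys 'src', 'method', 'uri', 'body'
    (assumed layout). Returns findings for POSTs to VULN_PATH whose
    rsakey_name is not an allowed identifier."""
    findings = []
    for r in records:
        if r.get("method") != "POST":
            continue  # the advisory describes a crafted POST
        if urlsplit(r.get("uri", "")).path != VULN_PATH:
            continue
        # parse_qs URL-decodes, so %3B becomes ';' before the check runs
        params = parse_qs(r.get("body", ""), keep_blank_values=True)
        for name in params.get(PARAM, []):
            if is_safe_rsakey_name(name):
                continue
            meta = sorted(set(SHELL_META.findall(name)))
            findings.append({
                "src": r.get("src"),
                "value": name,
                "metachars": meta,
                "reason": "shell metacharacters" if meta
                          else "not an allowed identifier",
            })
    return findings


# Constructed sample traffic, not captured from a real device.
SAMPLE_REQUESTS = [
    {"src": "10.0.0.5", "method": "POST", "uri": VULN_PATH,
     "body": "rsakey_name=site1-key&keysize=2048"},          # benign
    {"src": "10.0.0.9", "method": "POST", "uri": VULN_PATH,
     "body": "rsakey_name=test%3Bid&keysize=2048"},           # 'test;id'
    {"src": "10.0.0.7", "method": "POST", "uri": VULN_PATH,
     "body": "rsakey_name=" + "a" * 40 + "&keysize=2048"},    # too long
    {"src": "10.0.0.8", "method": "GET", "uri": "/goform/status",
     "body": ""},                                             # unrelated
]


if __name__ == "__main__":
    for f in scan_requests(SAMPLE_REQUESTS):
        print(f"{f['src']}: {f['reason']} in {PARAM}={f['value']!r} "
              f"metachars={f['metachars']}")
```

Running the script prints one finding each for the 10.0.0.9 and 10.0.0.7 requests and none for the benign key name. The allowlist is deliberately strict: a fix that only strips a denylist of characters is the classic way command-injection patches get bypassed, whereas a short identifier pattern leaves nothing for the shell to interpret.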
Weakness Enumeration
OS Command Injection (CWE-78)
Related Identifiers
CVE-2017-12121
Affected Products
Moxa EDR-810