CVE-2017-14437

Name of the Vulnerable Software and Affected Versions: Moxa EDR-810 version 4.1 build 17030317

Description: A denial of service issue exists in the web server functionality. It can be triggered by a specially crafted HTTP URI, specifically a GET request to "/MOXA LOG.ini" without a cookie header, causing a null pointer dereference.

Recommendations: For Moxa EDR-810 version 4.1 build 17030317, as a temporary workaround, consider restricting access to the "/MOXA LOG.ini" endpoint until a patch is available. Avoid sending GET requests to this endpoint without a cookie header to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.