Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Very High
CVE-2020-14511
Disclosure Date: July 15, 2020 (last updated November 28, 2024)
Malicious operation of the crafted web browser cookie may cause a stack-based buffer overflow in the system web server on the EDR-G902 and EDR-G903 Series Routers (versions prior to 5.4).
0
Attacker Value
Very High
Remote Code Execution Vulnerabilities in Secomea, Moxa, and HMS eWon VPNs
Last updated December 21, 2020
Security researchers at Claroty [published details](https://www.claroty.com/2020/07/28/vpn-security-flaws/) on multiple pre-auth remote code execution vulnerabilities affecting virtual private network (VPN) implementations primarily used to provide remote access to operational technology (OT) networks. The vulnerabilities could allow unauthenticated attackers to execute arbitrary code.
Individual CVEs referenced in Claroty's research include CVE-2020-14500, CVE-2020-14508, CVE-2020-14510, CVE-2020-14512, CVE-2020-14511, and CVE-2020-14498. Affected products include Secomea GateManager, Moxa EDR-G902/3 industrial VPN servers, and eWon by HMS Networks.
3