Moxa EDR-G903 series routers with firmware prior to 2.11 do not use a sufficient source of entropy for (1) SSH and (2) SSL keys, which makes it easier for man-in-the-middle malicious users to spoof a device or modify a client-server data stream by leveraging knowledge of a key from a product installation elsewhere.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
moxa edr_g903_firmware |
||
moxa edr_g903_firmware 2.1 |
||
moxa edr_g903_firmware 2.0 |
||
moxa edr_g903_firmware 1.0 |
||
moxa edr-g903 - |