Good news ! Hackbusters community is waiting for you !
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at:

Severe Flaws Expose Moxa Industrial Routers to Attacks

Cisco’s Talos intelligence and research group has reported identifying a total of 17 vulnerabilities in an industrial router from Moxa, including many high severity command injection and denial-of-service (DoS) flaws.

The security holes have been identified in Moxa EDR-810, an integrated industrial multiport secure router that provides firewall, NAT, VPN and managed Layer 2 switch capabilities. According to the vendor, the device is designed for controlling, monitoring and protecting critical assets, such as pumping and treatment systems in water stations, PLC and SCADA systems in factory automation applications, and DCS in oil and gas organizations.

Several of the problems found by Cisco have been described as high severity command injection vulnerabilities affecting the web server functionality of this Moxa router. The flaws allow an attacker to escalate privileges and obtain a root shell on the system by sending specially crafted HTTP POST requests to the targeted...(continued)

View All Trending Stories