We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Moxa’s IP Cameras are affected by a medium-severity vulnerability, CVE-2024-9404, which could lead to a denial-of-service condition or cause a service crash. This vulnerability allows attackers to exploit the Moxa service, commonly referred to as moxa_cmd, originally designed for deployment. Because of insufficient input validation, this service may be manipulated to trigger a denial-of-service. This vulnerability poses a significant remote threat if the affected products are exposed to publicly accessible networks. Attackers could potentially disrupt operations by shutting down the affected systems. Due to the critical nature of this security risk, we strongly recommend taking immediate action to prevent potential exploitation.
Reserved 2024-10-01 | Published 2024-12-04 | Updated 2024-12-04 | Assigner MoxaThe vulnerability causes only the network server service (HTTPS on port 443) to restart. This does not affect the main functionality of the product. After an automatic restart, the service resumes normal operation without disruption to core functions.
The vulnerability causes only the network server service (HTTPS on port 443) to restart. This does not affect the main functionality of the product. After an automatic restart, the service resumes normal operation without disruption to core functions.
CWE-1287: Improper Validation of Specified Type of Input
YU-HSIANG HUANG (huang.yuhsiang.phone@gmail.com) from Moxa's cybersecurity testing team
www.moxa.com/...rability-identified-in-the-vport-07-3-series
Support options