A critical security vulnerability, identified as CVE-2025-0415 (CVSSv4 9.2), has been found in multiple Moxa secure routers, cellular routers, and network security appliances. This vulnerability could allow an authenticated attacker with administrative access to the web interface to execute arbitrary system commands on affected devices.
The vulnerability lies in the device's web interface, specifically within the NTP settings. An attacker with web administrator privileges can exploit this flaw to execute arbitrary system commands. The impact of successful exploitation is severe; the advisory states that it "could result in complete control over the device". This level of access could enable malicious actors to disrupt operations, steal sensitive data, or use the compromised device as a foothold for further attacks within the network.
The following Moxa products and firmware versions are affected by CVE-2025-0415:
- EDF-G1002-BP Series: Firmware version 3.14 and earlier
- EDR-810 Series: Firmware version 5.12.39 and earlier
- EDR-8010 Series: Firmware version 3.14 and earlier
- EDR-G9004 Series: Firmware version 3.14 and earlier
- EDR-G9010 Series: Firmware version 3.14 and earlier
- OnCell G4302-LTE4 Series: Firmware version 3.14 and earlier
- TN-4900 Series: Firmware version 3.14 and earlier

Moxa has developed solutions to address this vulnerability. It is strongly recommended to update to the latest version as soon as possible.
The available solutions are as follows:
- EDF-G1002-BP Series: Upgrade to the firmware version 3.17 or later
- EDR-810 Series: Upgrade to the firmware version 5.12.41 or later
- EDR-8010 Series: Upgrade to the firmware version 3.17 or later
- EDR-G9004 Series: Please contact Moxa Technical Support to obtain the updated firmware containing the security fix
- EDR-G9010 Series: Please contact Moxa Technical Support to obtain the updated firmware containing the security fix
- OnCell G4302-LTE4 Series: Please contact Moxa Technical Support to obtain the updated firmware containing the security fix
- TN-4900 Series: Please contact Moxa Technical Support to obtain the updated firmware containing the security fix

Organizations using the affected Moxa products should prioritize applying the recommended firmware updates or contacting Moxa Technical Support to mitigate the risk posed by this critical vulnerability.
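The affected and fixed versions listed above can be checked against a device inventory with a short script. The following is an added example, not code from Moxa or the advisory; the inventory rows, hostnames and the "unconfirmed" status for versions the lists do not cover are assumptions made for illustration.

```python
# Added example: triage an inventory against the advisory's version table.
# Series names and version bounds are copied from the lists above; the
# inventory rows and hostnames are constructed sample data.

# series -> (last affected version, first fixed version or None when the
# advisory says to contact Moxa Technical Support for the fixed firmware)
ADVISORY = {
    "EDF-G1002-BP": ("3.14", "3.17"),
    "EDR-810": ("5.12.39", "5.12.41"),
    "EDR-8010": ("3.14", "3.17"),
    "EDR-G9004": ("3.14", None),
    "EDR-G9010": ("3.14", None),
    "OnCell G4302-LTE4": ("3.14", None),
    "TN-4900": ("3.14", None),
}

def version_key(text, width=4):
    """Turn 'v3.14' into (3, 14, 0, 0) so 3.14 and 3.14.0 compare equal."""
    parts = [int(p) for p in text.strip().lstrip("vV").split(".")]
    return tuple(parts + [0] * (width - len(parts)))

def classify(series, firmware):
    """Return (status, action) for one device."""
    if series not in ADVISORY:
        return ("not-listed", "series is not named in the advisory")
    last_affected, first_fixed = ADVISORY[series]
    installed = version_key(firmware)
    if installed <= version_key(last_affected):
        if first_fixed:
            return ("affected", f"upgrade to {first_fixed} or later")
        return ("affected", "contact Moxa Technical Support for fixed firmware")
    if first_fixed and installed >= version_key(first_fixed):
        return ("fixed", "no action")
    # Newer than the last affected release, but the advisory does not state
    # that this build carries the fix: confirm with the vendor.
    return ("unconfirmed", "verify fix status with Moxa Technical Support")

INVENTORY = [  # constructed sample data
    ("edge-rtr-01", "EDR-810", "5.12.39"),
    ("edge-rtr-02", "EDR-810", "5.12.41"),
    ("plant-fw-01", "EDR-G9010", "v3.9"),
    ("cell-gw-01", "OnCell G4302-LTE4", "3.17"),
    ("train-rtr-01", "TN-4900", "3.14.0"),
]

if __name__ == "__main__":
    for host, series, firmware in INVENTORY:
        status, action = classify(series, firmware)
        print(f"{host:13} {series:18} {firmware:8} {status:11} {action}")
```

Versions that fall between the last affected and first fixed release, or that are newer than 3.14 on a series with no published fixed version, are reported as unconfirmed rather than assumed safe.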