Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
1 vulnerability found for mds-g516e by moxa
VAR-202003-1668
Vulnerability from variot - Updated: 2024-11-23 21:36In Moxa EDS-G516E Series firmware, Version 5.2 or lower, some of the parameters in the setting pages do not ensure text is the correct size for its buffer. Moxa EDS-G516E A classic buffer overflow vulnerability exists in the series firmware.Service operation interruption (DoS) It may be put into a state. Moxa EDS-G516E is a managed switch from Moxa, Taiwan. The vulnerability stems from the fact that when a network system or product performs an operation on memory, the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202003-1668",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mds-g516e",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "5.2"
},
{
"model": "eds-g516e",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "5.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "mds g516e",
"version": "*"
},
{
"model": "eds-g516e",
"scope": "lte",
"trust": 0.6,
"vendor": "moxa",
"version": "\u003c=5.2"
}
],
"sources": [
{
"db": "IVD",
"id": "84df500c-409c-46cd-8c19-9a913469f3e3"
},
{
"db": "IVD",
"id": "9dedd6d9-6012-4511-9f7c-c0f8518a4ab3"
},
{
"db": "IVD",
"id": "b6594321-ddb7-44b7-8b8e-0ffc0c94d3a0"
},
{
"db": "CNVD",
"id": "CNVD-2020-19932"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003425"
},
{
"db": "NVD",
"id": "CVE-2020-6999"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:moxa:eds-g516e_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003425"
}
]
},
"cve": "CVE-2020-6999",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CVE-2020-6999",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-003425",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-19932",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "84df500c-409c-46cd-8c19-9a913469f3e3",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "9dedd6d9-6012-4511-9f7c-c0f8518a4ab3",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "b6594321-ddb7-44b7-8b8e-0ffc0c94d3a0",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2020-6999",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-003425",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-6999",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2020-003425",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-19932",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202003-1630",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "84df500c-409c-46cd-8c19-9a913469f3e3",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "9dedd6d9-6012-4511-9f7c-c0f8518a4ab3",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "b6594321-ddb7-44b7-8b8e-0ffc0c94d3a0",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "84df500c-409c-46cd-8c19-9a913469f3e3"
},
{
"db": "IVD",
"id": "9dedd6d9-6012-4511-9f7c-c0f8518a4ab3"
},
{
"db": "IVD",
"id": "b6594321-ddb7-44b7-8b8e-0ffc0c94d3a0"
},
{
"db": "CNVD",
"id": "CNVD-2020-19932"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003425"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1630"
},
{
"db": "NVD",
"id": "CVE-2020-6999"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In Moxa EDS-G516E Series firmware, Version 5.2 or lower, some of the parameters in the setting pages do not ensure text is the correct size for its buffer. Moxa EDS-G516E A classic buffer overflow vulnerability exists in the series firmware.Service operation interruption (DoS) It may be put into a state. Moxa EDS-G516E is a managed switch from Moxa, Taiwan. The vulnerability stems from the fact that when a network system or product performs an operation on memory, the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-6999"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003425"
},
{
"db": "CNVD",
"id": "CNVD-2020-19932"
},
{
"db": "IVD",
"id": "84df500c-409c-46cd-8c19-9a913469f3e3"
},
{
"db": "IVD",
"id": "9dedd6d9-6012-4511-9f7c-c0f8518a4ab3"
},
{
"db": "IVD",
"id": "b6594321-ddb7-44b7-8b8e-0ffc0c94d3a0"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-6999",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-20-056-04",
"trust": 2.4
},
{
"db": "CNVD",
"id": "CNVD-2020-19932",
"trust": 1.2
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1630",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003425",
"trust": 0.8
},
{
"db": "IVD",
"id": "84DF500C-409C-46CD-8C19-9A913469F3E3",
"trust": 0.2
},
{
"db": "IVD",
"id": "9DEDD6D9-6012-4511-9F7C-C0F8518A4AB3",
"trust": 0.2
},
{
"db": "IVD",
"id": "B6594321-DDB7-44B7-8B8E-0FFC0C94D3A0",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "84df500c-409c-46cd-8c19-9a913469f3e3"
},
{
"db": "IVD",
"id": "9dedd6d9-6012-4511-9f7c-c0f8518a4ab3"
},
{
"db": "IVD",
"id": "b6594321-ddb7-44b7-8b8e-0ffc0c94d3a0"
},
{
"db": "CNVD",
"id": "CNVD-2020-19932"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003425"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1630"
},
{
"db": "NVD",
"id": "CVE-2020-6999"
}
]
},
"id": "VAR-202003-1668",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "84df500c-409c-46cd-8c19-9a913469f3e3"
},
{
"db": "IVD",
"id": "9dedd6d9-6012-4511-9f7c-c0f8518a4ab3"
},
{
"db": "IVD",
"id": "b6594321-ddb7-44b7-8b8e-0ffc0c94d3a0"
},
{
"db": "CNVD",
"id": "CNVD-2020-19932"
}
],
"trust": 1.7555556
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "IVD",
"id": "84df500c-409c-46cd-8c19-9a913469f3e3"
},
{
"db": "IVD",
"id": "9dedd6d9-6012-4511-9f7c-c0f8518a4ab3"
},
{
"db": "IVD",
"id": "b6594321-ddb7-44b7-8b8e-0ffc0c94d3a0"
},
{
"db": "CNVD",
"id": "CNVD-2020-19932"
}
]
},
"last_update_date": "2024-11-23T21:36:01.424000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.moxa.com/en/"
},
{
"title": "Patch for Moxa EDS-G516E buffer overflow vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/211331"
},
{
"title": "Moxa EDS-G516E Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=113032"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-19932"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003425"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1630"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003425"
},
{
"db": "NVD",
"id": "CVE-2020-6999"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-056-04"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6999"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-6999"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003425"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1630"
},
{
"db": "NVD",
"id": "CVE-2020-6999"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "84df500c-409c-46cd-8c19-9a913469f3e3"
},
{
"db": "IVD",
"id": "9dedd6d9-6012-4511-9f7c-c0f8518a4ab3"
},
{
"db": "IVD",
"id": "b6594321-ddb7-44b7-8b8e-0ffc0c94d3a0"
},
{
"db": "CNVD",
"id": "CNVD-2020-19932"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003425"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1630"
},
{
"db": "NVD",
"id": "CVE-2020-6999"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-26T00:00:00",
"db": "IVD",
"id": "84df500c-409c-46cd-8c19-9a913469f3e3"
},
{
"date": "2020-03-26T00:00:00",
"db": "IVD",
"id": "9dedd6d9-6012-4511-9f7c-c0f8518a4ab3"
},
{
"date": "2020-03-26T00:00:00",
"db": "IVD",
"id": "b6594321-ddb7-44b7-8b8e-0ffc0c94d3a0"
},
{
"date": "2020-03-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-19932"
},
{
"date": "2020-04-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003425"
},
{
"date": "2020-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-1630"
},
{
"date": "2020-03-26T13:15:13.610000",
"db": "NVD",
"id": "CVE-2020-6999"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-19932"
},
{
"date": "2020-04-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003425"
},
{
"date": "2020-03-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-1630"
},
{
"date": "2024-11-21T05:36:27.883000",
"db": "NVD",
"id": "CVE-2020-6999"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-1630"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Moxa EDS-G516E Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "84df500c-409c-46cd-8c19-9a913469f3e3"
},
{
"db": "IVD",
"id": "9dedd6d9-6012-4511-9f7c-c0f8518a4ab3"
},
{
"db": "IVD",
"id": "b6594321-ddb7-44b7-8b8e-0ffc0c94d3a0"
},
{
"db": "CNVD",
"id": "CNVD-2020-19932"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "84df500c-409c-46cd-8c19-9a913469f3e3"
},
{
"db": "IVD",
"id": "9dedd6d9-6012-4511-9f7c-c0f8518a4ab3"
},
{
"db": "IVD",
"id": "b6594321-ddb7-44b7-8b8e-0ffc0c94d3a0"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1630"
}
],
"trust": 1.2
}
}