As of June 15, 2022, this site no longer supports Internet Explorer. Please use another browser for the best experience on our site.
Sign In
Home Support Security Advisories CVE-2026-3867, CVE-2026-3868: Improper Ownership Management and Improper Handling of Length Paramete

Product support

Security Advisories

Please sign in

Forgot your password?
Sign In
Remember Me.
Not a member? Sign up now
SUMMARY

CVE-2026-3867, CVE-2026-3868: Improper Ownership Management and Improper Handling of Length Parameter Inconsistency Vulnerabilities in Secure Router

This security advisory addresses two vulnerabilities identified in Secure Router.

CVE-2026-3867

An improper ownership management vulnerability has been identified in Moxa’s Secure Router. Because of improper ownership management, a low-privileged authenticated user may access a configuration file containing the hashed password of the administrative account. Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information. Exploitation is only possible under a specific condition — when the configuration file has been exported. This vulnerability does not impact the integrity or availability of the affected product, and no confidentiality, integrity, or availability impact to the subsequent system has been identified.

CVE-2026-3868

An improper handling of the length parameter inconsistency vulnerability has been identified in Moxa’s Secure Router. Because of improper validation of length parameters in the HTTPS management interface, an unauthenticated remote attacker could send specially crafted requests that trigger a buffer overflow condition, causing the web service to become unresponsive. Successful exploitation may result in a denial-of-service condition requiring a device reboot to restore normal operation. While successful exploitation can severely impact the availability of the affected device, no impact to the confidentiality or integrity of the affected product has been identified. Additionally, no confidentiality, integrity, or availability impact to the subsequent system has been identified.

Given the high severity of CVE-2026-3868, users should apply the solutions immediately to reduce security risks.

 

The Identified Vulnerability Type and Potential Impact 

CVE ID Vulnerability Type Impact
CVE-2026-3867

CWE-282: Improper Ownership Management

 CAPEC-122: Privilege Abuse
CVE-2026-3868 CWE-130: Improper Handling of Length Parameter Inconsistency CAPEC-47: Buffer Overflow via Parameter Expansion

Vulnerability Scoring Details 

CVE ID
Base Score
Vector
 Severity

Unauthenticated

Remote Exploits
CVE-2026-3867

CVSS 4.0: 6.0

AV:N/AC:L/AT:P/PR:L/UI:N/

VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

 Medium No
CVE-2026-3868 CVSS 4.0: 8.7

AV:N/AC:L/AT:N/PR:N/UI:N/

VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

 High Yes
AFFECTED PRODUCTS AND SOLUTIONS

Solutions

Moxa has developed appropriate solutions to address these vulnerabilities. The solutions for the affected products are listed in the following table: 

Product Series Affected Versions Solutions
TN-4900 Series Firmware v3.22 and earlier Firmware v3.24 or later

EDR Series

  • EDR-8010 Series
  • EDR-G9010 Series

Firmware

  • v3.23 and earlier
  • v3.23.1 and earlier

Firmware

OnCell Series

  • OnCell G4302-LTE4 Series
  • OnCell G4308-LTE4 Series

Firmware

  • v3.23.0 and earlier
  • v3.23.0 and earlier

Please contact Moxa Technical Support for the security patch (v3.24.1)
EDF-G1002-BP Series Firmware v3.23 and earlier

Firmware v3.24 or later

 

Mitigations

For users who may not be able to perform a firmware update, we provide the following recommended mitigation measures as an alternative to mitigate the risk associated with the vulnerability.

  • Refer to the General Security Recommendations section to further strengthen your security context.

 

General Security Recommendations

To safeguard devices and networks, we recommend implementing the following recommendations to mitigate potential risks:

  1. Restrict Network Access
    • Use firewalls or access control lists (ACLs) to limit communication to trusted IP addresses and networks.
    • Segregate operational networks from other networks (e.g., enterprise networks) using VLANs or physical separation.
  2. Minimize Exposure
    • Avoid exposing devices directly to the Internet.
    • Disable unused network services and ports to reduce the attack surface.
  3. Enhance Device Authentication and Access Control
    • Implement multi-factor authentication (MFA) for accessing critical systems.
    • Use role-based access control (RBAC) to enforce the principle of least privilege.
  4. Regularly Update Firmware and Software
    • Keep devices updated with the latest firmware versions and security patches.
    • Establish a regular patch management schedule to address newly identified vulnerabilities.
  5. Secure Remote Access
    • Use encrypted communication protocols (e.g., VPN, SSH) for remote access.
    • Restrict remote access to authorized personnel only and enforce strong authentication mechanisms.
  6. Implement Anomaly Detection Techniques
    • Monitor network traffic and device behavior for unusual or unauthorized activities.
    • Use tools or techniques that can identify anomalies and provide alerts for potential threats.
  7. Implement Logging and Monitoring
    • Enable event logging and maintain audit trails on devices.
    • Regularly review logs for anomalies and unauthorized access attempts.
  8. Conduct Regular Security Assessments
    • Perform vulnerability assessments to identify potential risks.
    • Regularly review device configurations to ensure compliance with security policies.

 

Revision History:

VERSION DESCRIPTION RELEASE DATE
1.0 First release April 27, 2026

Relevant Products

EDF-G1002-BP Series · EDR-8010 Series · EDR-G9010 Series · OnCell G4302-LTE4 Series · OnCell G4308-LTE4 Series · TN-4900 Series ·

  •   Print this page

  • Save
    You can manage and share your saved list in My Moxa
Related Advisories
Let’s get that fixed

If you are concerned about a potential cybersecurity vulnerability, please contact us and one of technical support staff will get in touch with you.

Report a Vulnerability
 
 
Added To Bag

View Bag
You have some items waiting in your bag; click here to finish your quote!

You are currently on the Global / English site.
Would you like to go to the site for your region?

Feedback