{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-3867", "assignerOrgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa", "state": "PUBLISHED", "assignerShortName": "Moxa", "dateReserved": "2026-03-10T07:56:27.311Z", "datePublished": "2026-04-27T02:54:00.508Z", "dateUpdated": "2026-04-27T15:14:35.199Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa", "shortName": "Moxa", "dateUpdated": "2026-04-27T02:54:00.508Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-282", "description": "CWE-282: Improper Ownership Management", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-122", "descriptions": [{"lang": "en", "value": "CAPEC-122: Privilege Abuse"}]}], "affected": [{"vendor": "Moxa", "product": "EDR-8010 Series", "versions": [{"status": "affected", "version": "1.0", "lessThanOrEqual": "3.23", "versionType": "custom"}, {"status": "unaffected", "version": "3.24", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Moxa", "product": "EDR-G9010 Series", "versions": [{"status": "affected", "version": "1.0", "lessThanOrEqual": "3.23.1", "versionType": "custom"}, {"status": "affected", "version": "3.24", "versionType": "custom"}], "defaultStatus": "unaffected"}], "cpeApplicability": [{"operator": "OR", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:moxa:edr-8010_series:*:*:*:*:*:*:*:*", "versionStartIncluding": "1.0", "versionEndIncluding": "3.23"}, {"vulnerable": false, "criteria": "cpe:2.3:a:moxa:edr-8010_series:3.24:*:*:*:*:*:*:*"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:moxa:edr-g9010_series:*:*:*:*:*:*:*:*", "versionStartIncluding": "1.0", "versionEndIncluding": "3.23.1"}, {"vulnerable": true, "criteria": "cpe:2.3:a:moxa:edr-g9010_series:3.24:*:*:*:*:*:*:*"}]}]}], "descriptions": [{"lang": "en", "value": "An improper ownership management vulnerability has been identified in Moxa\u2019s Secure Router. Because of improper ownership management, a low-privileged authenticated user may access a configuration file containing the hashed password of the administrative account. Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information. Exploitation is only possible under a specific condition \u2014 when the configuration file has been exported. This vulnerability does not impact the integrity or availability of the affected product, and no confidentiality, integrity, or availability impact to the subsequent system has been identified.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "An improper ownership management vulnerability has been identified in Moxa\u2019s Secure Router. Because of improper ownership management, a low-privileged authenticated user may access a configuration file containing the hashed password of the administrative account. Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information. Exploitation is only possible under a specific condition \u2014 when the configuration file has been exported. This vulnerability does not impact the integrity or availability of the affected product, and no confidentiality, integrity, or availability impact to the subsequent system has been identified."}]}], "references": [{"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-261521-cve-2026-3867-cve-2026-3868-improper-ownership-management-and-improper-handling-of-length-parameter-incons", "tags": ["vendor-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 6, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"}}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-27T15:14:27.349608Z", "id": "CVE-2026-3867", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-27T15:14:35.199Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-3867", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-27T15:14:27.349608Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-27T15:14:31.747Z"}}], "cna": {"source": {"discovery": "EXTERNAL"}, "impacts": [{"capecId": "CAPEC-122", "descriptions": [{"lang": "en", "value": "CAPEC-122: Privilege Abuse"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Moxa", "product": "EDR-8010 Series", "versions": [{"status": "affected", "version": "1.0", "versionType": "custom", "lessThanOrEqual": "3.23"}, {"status": "unaffected", "version": "3.24", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Moxa", "product": "EDR-G9010 Series", "versions": [{"status": "affected", "version": "1.0", "versionType": "custom", "lessThanOrEqual": "3.23.1"}, {"status": "affected", "version": "3.24", "versionType": "custom"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-261521-cve-2026-3867-cve-2026-3868-improper-ownership-management-and-improper-handling-of-length-parameter-incons", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "An improper ownership management vulnerability has been identified in Moxa\u2019s Secure Router. Because of improper ownership management, a low-privileged authenticated user may access a configuration file containing the hashed password of the administrative account. Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information. Exploitation is only possible under a specific condition \u2014 when the configuration file has been exported. This vulnerability does not impact the integrity or availability of the affected product, and no confidentiality, integrity, or availability impact to the subsequent system has been identified.", "supportingMedia": [{"type": "text/html", "value": "An improper ownership management vulnerability has been identified in Moxa\u2019s Secure Router. Because of improper ownership management, a low-privileged authenticated user may access a configuration file containing the hashed password of the administrative account. Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information. Exploitation is only possible under a specific condition \u2014 when the configuration file has been exported. This vulnerability does not impact the integrity or availability of the affected product, and no confidentiality, integrity, or availability impact to the subsequent system has been identified.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-282", "description": "CWE-282: Improper Ownership Management"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:moxa:edr-8010_series:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "3.23", "versionStartIncluding": "1.0"}, {"criteria": "cpe:2.3:a:moxa:edr-8010_series:3.24:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:moxa:edr-g9010_series:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "3.23.1", "versionStartIncluding": "1.0"}, {"criteria": "cpe:2.3:a:moxa:edr-g9010_series:3.24:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}], "operator": "OR"}], "providerMetadata": {"orgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa", "shortName": "Moxa", "dateUpdated": "2026-04-27T02:54:00.508Z"}}}, "cveMetadata": {"cveId": "CVE-2026-3867", "state": "PUBLISHED", "dateUpdated": "2026-04-27T15:14:35.199Z", "dateReserved": "2026-03-10T07:56:27.311Z", "assignerOrgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa", "datePublished": "2026-04-27T02:54:00.508Z", "assignerShortName": "Moxa"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An improper ownership management vulnerability has been identified in Moxa\u2019s Secure Router. Because of improper ownership management, a low-privileged authenticated user may access a configuration file containing the hashed password of the administrative account. Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information. Exploitation is only possible under a specific condition \u2014 when the configuration file has been exported. This vulnerability does not impact the integrity or availability of the affected product, and no confidentiality, integrity, or availability impact to the subsequent system has been identified."}], "id": "CVE-2026-3867", "lastModified": "2026-04-27T04:16:04.937", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.0, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "psirt@moxa.com", "type": "Secondary"}]}, "published": "2026-04-27T04:16:04.937", "references": [{"source": "psirt@moxa.com", "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-261521-cve-2026-3867-cve-2026-3868-improper-ownership-management-and-improper-handling-of-length-parameter-incons"}], "sourceIdentifier": "psirt@moxa.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-282"}], "source": "psirt@moxa.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[1.0,3.23]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "3.24"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "EDR-8010 Series", "source": "cna", "vendor": "Moxa"}, "product": "edr-8010_series", "vendor": "moxa"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[1.0,3.23.1]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.24"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "EDR-G9010 Series", "source": "cna", "vendor": "Moxa"}, "product": "edr-g9010_series", "vendor": "moxa"}], "created": "2026-04-27T18:41:59.087680+00:00", "updated": "2026-04-27T18:41:59.087728+00:00", "vendors": ["moxa", "moxa$PRODUCT$edr-8010_series", "moxa$PRODUCT$edr-g9010_series"]}