{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-3867", "assignerOrgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa", "state": "PUBLISHED", "assignerShortName": "Moxa", "dateReserved": "2026-03-10T07:56:27.311Z", "datePublished": "2026-04-27T02:54:00.508Z", "dateUpdated": "2026-04-27T15:14:35.199Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa", "shortName": "Moxa", "dateUpdated": "2026-04-27T02:54:00.508Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-282", "description": "CWE-282: Improper Ownership Management", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-122", "descriptions": [{"lang": "en", "value": "CAPEC-122: Privilege Abuse"}]}], "affected": [{"vendor": "Moxa", "product": "EDR-8010 Series", "versions": [{"status": "affected", "version": "1.0", "lessThanOrEqual": "3.23", "versionType": "custom"}, {"status": "unaffected", "version": "3.24", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Moxa", "product": "EDR-G9010 Series", "versions": [{"status": "affected", "version": "1.0", "lessThanOrEqual": "3.23.1", "versionType": "custom"}, {"status": "affected", "version": "3.24", "versionType": "custom"}], "defaultStatus": "unaffected"}], "cpeApplicability": [{"operator": "OR", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:moxa:edr-8010_series:*:*:*:*:*:*:*:*", "versionStartIncluding": "1.0", "versionEndIncluding": "3.23"}, {"vulnerable": false, "criteria": "cpe:2.3:a:moxa:edr-8010_series:3.24:*:*:*:*:*:*:*"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:moxa:edr-g9010_series:*:*:*:*:*:*:*:*", "versionStartIncluding": "1.0", "versionEndIncluding": "3.23.1"}, {"vulnerable": true, "criteria": "cpe:2.3:a:moxa:edr-g9010_series:3.24:*:*:*:*:*:*:*"}]}]}], "descriptions": [{"lang": "en", "value": "An improper ownership management vulnerability has been identified in Moxa\u2019s Secure Router. Because of improper ownership management, a low-privileged authenticated user may access a configuration file containing the hashed password of the administrative account. Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information. Exploitation is only possible under a specific condition \u2014 when the configuration file has been exported. This vulnerability does not impact the integrity or availability of the affected product, and no confidentiality, integrity, or availability impact to the subsequent system has been identified.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "An improper ownership management vulnerability has been identified in Moxa\u2019s Secure Router. Because of improper ownership management, a low-privileged authenticated user may access a configuration file containing the hashed password of the administrative account. Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information. Exploitation is only possible under a specific condition \u2014 when the configuration file has been exported. This vulnerability does not impact the integrity or availability of the affected product, and no confidentiality, integrity, or availability impact to the subsequent system has been identified."}]}], "references": [{"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-261521-cve-2026-3867-cve-2026-3868-improper-ownership-management-and-improper-handling-of-length-parameter-incons", "tags": ["vendor-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 6, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"}}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-27T15:14:27.349608Z", "id": "CVE-2026-3867", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-27T15:14:35.199Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-3867", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-27T15:14:27.349608Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-27T15:14:31.747Z"}}], "cna": {"source": {"discovery": "EXTERNAL"}, "impacts": [{"capecId": "CAPEC-122", "descriptions": [{"lang": "en", "value": "CAPEC-122: Privilege Abuse"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Moxa", "product": "EDR-8010 Series", "versions": [{"status": "affected", "version": "1.0", "versionType": "custom", "lessThanOrEqual": "3.23"}, {"status": "unaffected", "version": "3.24", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Moxa", "product": "EDR-G9010 Series", "versions": [{"status": "affected", "version": "1.0", "versionType": "custom", "lessThanOrEqual": "3.23.1"}, {"status": "affected", "version": "3.24", "versionType": "custom"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-261521-cve-2026-3867-cve-2026-3868-improper-ownership-management-and-improper-handling-of-length-parameter-incons", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "An improper ownership management vulnerability has been identified in Moxa\u2019s Secure Router. Because of improper ownership management, a low-privileged authenticated user may access a configuration file containing the hashed password of the administrative account. Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information. Exploitation is only possible under a specific condition \u2014 when the configuration file has been exported. This vulnerability does not impact the integrity or availability of the affected product, and no confidentiality, integrity, or availability impact to the subsequent system has been identified.", "supportingMedia": [{"type": "text/html", "value": "An improper ownership management vulnerability has been identified in Moxa\u2019s Secure Router. Because of improper ownership management, a low-privileged authenticated user may access a configuration file containing the hashed password of the administrative account. Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information. Exploitation is only possible under a specific condition \u2014 when the configuration file has been exported. This vulnerability does not impact the integrity or availability of the affected product, and no confidentiality, integrity, or availability impact to the subsequent system has been identified.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-282", "description": "CWE-282: Improper Ownership Management"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:moxa:edr-8010_series:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "3.23", "versionStartIncluding": "1.0"}, {"criteria": "cpe:2.3:a:moxa:edr-8010_series:3.24:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:moxa:edr-g9010_series:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "3.23.1", "versionStartIncluding": "1.0"}, {"criteria": "cpe:2.3:a:moxa:edr-g9010_series:3.24:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}], "operator": "OR"}], "providerMetadata": {"orgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa", "shortName": "Moxa", "dateUpdated": "2026-04-27T02:54:00.508Z"}}}, "cveMetadata": {"cveId": "CVE-2026-3867", "state": "PUBLISHED", "dateUpdated": "2026-04-27T15:14:35.199Z", "dateReserved": "2026-03-10T07:56:27.311Z", "assignerOrgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa", "datePublished": "2026-04-27T02:54:00.508Z", "assignerShortName": "Moxa"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An improper ownership management vulnerability has been identified in Moxa\u2019s Secure Router. Because of improper ownership management, a low-privileged authenticated user may access a configuration file containing the hashed password of the administrative account. Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information. Exploitation is only possible under a specific condition \u2014 when the configuration file has been exported. This vulnerability does not impact the integrity or availability of the affected product, and no confidentiality, integrity, or availability impact to the subsequent system has been identified."}], "id": "CVE-2026-3867", "lastModified": "2026-04-27T18:57:20.293", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.0, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "psirt@moxa.com", "type": "Secondary"}]}, "published": "2026-04-27T04:16:04.937", "references": [{"source": "psirt@moxa.com", "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-261521-cve-2026-3867-cve-2026-3868-improper-ownership-management-and-improper-handling-of-length-parameter-incons"}], "sourceIdentifier": "psirt@moxa.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-282"}], "source": "psirt@moxa.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[1.0,3.23]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "3.24"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "EDR-8010 Series", "source": "cna", "vendor": "Moxa"}, "product": "edr-8010_series", "vendor": "moxa"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[1.0,3.23.1]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.24"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "EDR-G9010 Series", "source": "cna", "vendor": "Moxa"}, "product": "edr-g9010_series", "vendor": "moxa"}], "analysis": {"en": {"generated_at": "2026-04-28T04:52:22.279923+00:00", "value": {"mitigation_remediation": ["Upgrade to the latest merchant firmware that implements correct ownership checks", "Disable configuration export functionality or restrict it to privileged users only", "Apply file\u2011system access controls to prevent low\u2011privileged users from reading /etc/edr.conf or equivalent configuration files"], "summary": {"action": "Apply Patch", "impact": "Data Exposure (Admin Password Hash)"}, "threat_synthesis": {"affected_systems": "The affected vendors are Moxa, specifically the EDR\u20118010 Series and EDR\u20119010 Series routers. No version information is supplied by the CNA; users should verify whether their device firmware matches the published vulnerable series.", "description_and_impact": "An improper ownership management issue in Moxa Secure Router allows a low\u2011privileged authenticated user to read a configuration file that contains the hashed password of the administrative account. The vulnerability results in confidentiality loss; the attacker can obtain sensitive authentication material. Integrity and availability are not affected.", "risk_and_exploitability": "The CVSS score of 6 indicates moderate risk. EPSS is reported as less than 1\u2009%, implying a very low probability of exploitation in the wild, and the vulnerability is not listed in CISA KEV. Exploitation is only possible when the configuration file has been exported, a condition that limits the attack surface."}}}}, "created": "2026-04-27T18:41:59.087680+00:00", "title": "Improper Ownership Management Permits Low\u2011Privilege Access to Admin Password Hash", "updated": "2026-04-28T05:00:14.743580+00:00", "vendors": ["moxa", "moxa$PRODUCT$edr-8010_series", "moxa$PRODUCT$edr-g9010_series"]}