CVE-2026-3867

UNKNOWN 0.0

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

An improper ownership management vulnerability has been identified in Moxa’s Secure Router. Because of improper ownership management, a low-privileged authenticated user may access a configuration file containing the hashed password of the administrative account. Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information. Exploitation is only possible under a specific condition — when the configuration file has been exported. This vulnerability does not impact the integrity or availability of the affected product, and no confidentiality, integrity, or availability impact to the subsequent system has been identified.

CWE	CWE-282
Vendor	moxa
Product	edr-8010 series
Published	Apr 27, 2026

Stay Ahead of the Next One

Get instant alerts for moxa edr-8010 series

Be the first to know when new unknown vulnerabilities affecting moxa edr-8010 series are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Moxa / EDR-8010 Series

1.0 ≤ 3.23

Moxa / EDR-G9010 Series

1.0 ≤ 3.23.1 3.24

References

NVD ↗ CVE.org ↗ EPSS Data ↗

moxa.com: https://www.moxa.com/en/support/product-support/security-advisory/mpsa-261521-cve-2026-3867-cve-2026-3868-improper-ownership-management-and-improper-handling-of-length-parameter-incons