CVE-2026-3868

UNKNOWN 0.0

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

An improper handling of the length parameter inconsistency vulnerability has been identified in Moxa’s Secure Router. Because of improper validation of length parameters in the HTTPS management interface, an unauthenticated remote attacker could send specially crafted requests that trigger a buffer overflow condition, causing the web service to become unresponsive. Successful exploitation may result in a denial-of-service condition requiring a device reboot to restore normal operation. While successful exploitation can severely impact the availability of the affected device, no impact to the confidentiality or integrity of the affected product has been identified. Additionally, no confidentiality, integrity, or availability impact to the subsequent system has been identified.

CWE	CWE-130
Vendor	moxa
Product	edr-8010 series
Published	Apr 27, 2026

Stay Ahead of the Next One

Get instant alerts for moxa edr-8010 series

Be the first to know when new unknown vulnerabilities affecting moxa edr-8010 series are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Moxa / EDR-8010 Series

1.0 ≤ 3.23

Moxa / EDR-G9010 Series

1.0 ≤ 3.23.1

References

NVD ↗ CVE.org ↗ EPSS Data ↗

moxa.com: https://www.moxa.com/en/support/product-support/security-advisory/mpsa-261521-cve-2026-3867-cve-2026-3868-improper-ownership-management-and-improper-handling-of-length-parameter-incons