CVE-2026-3867

216.73.217.22

· Published 27/04/2026 04:16 · Modified 27/04/2026 18:57

Labels: CVE-2026-3867 2026-04-27 CVE-2026-3867 CWE-282 [email protected]

Essential information

Published: 27/04/2026 04:16
Modified: 27/04/2026 18:57
Author: —
Creator: —
CVSS: 6.0 MEDIUM (v3) 6.0 MEDIUM (v4.0)
CISA KEV: No
CWE: —
CVSS vector: —

CVSS metrics

Description

An improper ownership management vulnerability has been identified in Moxa’s Secure Router. Because of improper ownership management, a low-privileged authenticated user may access a configuration file containing the hashed password of the administrative account. Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information. Exploitation is only possible under a specific condition — when the configuration file has been exported. This vulnerability does not impact the integrity or availability of the affected product, and no confidentiality, integrity, or availability impact to the subsequent system has been identified.

NVD status

Status: Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source: [email protected]
NVD: View on NVD

Affected products (CPE)

Product	CPE
moxa / secure router	`cpe:2.3:a:moxa:secure_router::::::::`