Vulnerability Description
This vulnerability involves command injection in tcpdump within Moxa products, enabling an authenticated attacker with console access to exploit improper input validation to inject and execute systems commands. Successful exploitation could result in privilege escalation, allowing the attacker to gain root shell access and maintain persistent control over the device, potentially disrupting network services and affecting the availability of downstream systems that rely on its connectivity.
Related Weaknesses (CWE)
References
FAQ
What is CVE-2025-0676?
CVE-2025-0676 is a documented vulnerability. This vulnerability involves command injection in tcpdump within Moxa products, enabling an authenticated attacker with console access to exploit improper input validation to inject and execute systems...
How severe is CVE-2025-0676?
CVSS scoring is not yet available for CVE-2025-0676. Check NVD for updates.
Is there a patch for CVE-2025-0676?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.