CVE-2015-6464

3 documents3 sources

Severity

8.5HIGH

EPSS

0.2%

top 52.00%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Moxa Eds-405a Firmware Moxa Eds-408a Firmware

Timeline

PublishedSep 11

Latest updateMay 17

Description

The administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to bypass a read-only protection mechanism by using Firefox with a web-developer plugin.

CVSS vector

AV:N/AC:L/C:N/I:C/A:CExploitability: 8.0 | Impact: 9.2

Affected Packages2 packages

▶NVDmoxa/eds-405a_firmware3.4

▶NVDmoxa/eds-408a_firmware3.4

Patches

Patch: www.moxa.com ↗Patch: www.moxa.com ↗

🔴Vulnerability Details

GHSA

GHSA-64gm-j8rj-qrxj: The administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3↗2022-05-17

▶

CVEList

CVE-2015-6464: The administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3↗2015-09-11

▶