CVE-2016-2285
published 2016-05-31CVE-2016-2285: Cross-site request forgery (CSRF) vulnerability on Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware…
high8.8CVSS 3.0
AVNACLPRNUIRSUCHIHAH
Cross-site request forgery (CSRF) vulnerability on Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 allows remote attackers to hijack the authentication of arbitrary users.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| moxa | miineport_e1_4641_firmware | — | — |
| moxa | miineport_e1_7080_firmware | — | — |
| moxa | miineport_e2_1242_firmware | — | — |
| moxa | miineport_e2_4561_firmware | — | — |
| moxa | miineport_e3_firmware | — | — |