CVE-2018-11427
published 2019-07-03CVE-2018-11427: CSRF tokens are not used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior, which makes it possible to perform CSRF…
high8.8CVSS 3.0
AVNACLPRNUIRSUCHIHAH
CSRF tokens are not used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior, which makes it possible to perform CSRF attacks on the device administrator.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| moxa | oncell_g3150-hspa-t_firmware | <= 1.4 | — |
| moxa | oncell_g3150-hspa_firmware | <= 1.4 | — |