CVE-2023-6093

CWE-1021 — Clickjacking3 documents3 sources

Severity

6.1MEDIUM

EPSS

0.1%

top 78.85%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Moxa Oncell G3150a-lte Series Moxa Oncell G3150a-lte Firmware

Timeline

PublishedDec 31

Description

A clickjacking vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior. This vulnerability is caused by incorrectly restricts frame objects, which can lead to user confusion about which interface the user is interacting with. This vulnerability may lead the attacker to trick the user into interacting with the application.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:NExploitability: 1.6 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5moxa/oncell_g3150a-lte_series1.0 — 1.3

▶NVDmoxa/oncell_g3150a-lte_firmware1.3

🔴Vulnerability Details

GHSA

GHSA-rj6w-4jrj-f27j: A vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1↗2023-12-31

▶

CVEList

OnCell G3150A-LTE Series: Clickjacking Vulnerability↗2023-12-31

▶