Moxa Oncell G3110-Hspa-T Firmware vulnerabilities
3 known vulnerabilities affecting moxa/oncell_g3110-hspa-t_firmware.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2018-5455CRITICALCVSS 9.8≤ 1.42018-03-05
CVE-2018-5455 [CRITICAL] CWE-565 CVE-2018-5455: A Reliance on Cookies without Validation and Integrity Checking issue was discovered in Moxa OnCell
A Reliance on Cookies without Validation and Integrity Checking issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application allows a cookie parameter to consist of only digits, allowing an attacker to perform a brute force attack bypassing authentication and gaining access to device functions.
nvd
CVE-2018-5453HIGHCVSS 7.5≤ 1.42018-03-05
CVE-2018-5453 [HIGH] CWE-130 CVE-2018-5453: An Improper Handling of Length Parameter Inconsistency issue was discovered in Moxa OnCell G3100-HSP
An Improper Handling of Length Parameter Inconsistency issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. An attacker may be able to edit the element of an HTTP request, causing the device to become unavailable.
nvd
CVE-2018-5449MEDIUMCVSS 6.5≤ 1.42018-03-05
CVE-2018-5449 [MEDIUM] CWE-476 CVE-2018-5449: A NULL Pointer Dereference issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 1
A NULL Pointer Dereference issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application does not check for a NULL value, allowing for an attacker to perform a denial of service attack.
nvd