Moxa Oncell G3110-Hspa Firmware vulnerabilities
6 known vulnerabilities affecting moxa/oncell_g3110-hspa_firmware.
Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2018-5455CRITICALCVSS 9.8≤ 1.42018-03-05
CVE-2018-5455 [CRITICAL] CWE-565 CVE-2018-5455: A Reliance on Cookies without Validation and Integrity Checking issue was discovered in Moxa OnCell
A Reliance on Cookies without Validation and Integrity Checking issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application allows a cookie parameter to consist of only digits, allowing an attacker to perform a brute force attack bypassing authentication and gaining access to device functions.
nvd
CVE-2018-5453HIGHCVSS 7.5≤ 1.42018-03-05
CVE-2018-5453 [HIGH] CWE-130 CVE-2018-5453: An Improper Handling of Length Parameter Inconsistency issue was discovered in Moxa OnCell G3100-HSP
An Improper Handling of Length Parameter Inconsistency issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. An attacker may be able to edit the element of an HTTP request, causing the device to become unavailable.
nvd
CVE-2018-5449MEDIUMCVSS 6.5≤ 1.42018-03-05
CVE-2018-5449 [MEDIUM] CWE-476 CVE-2018-5449: A NULL Pointer Dereference issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 1
A NULL Pointer Dereference issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application does not check for a NULL value, allowing for an attacker to perform a denial of service attack.
nvd
CVE-2017-7913CRITICALCVSS 9.8≤ 1.32017-05-29
CVE-2017-7913 [CRITICAL] CWE-256 CVE-2017-7913: A Plaintext Storage of a Password issue was discovered in Moxa OnCell G3110-HSPA Version 1.3 build 1
A Plaintext Storage of a Password issue was discovered in Moxa OnCell G3110-HSPA Version 1.3 build 15082117 and previous versions, OnCell G3110-HSDPA Version 1.2 Build 09123015 and previous versions, OnCell G3150-HSDPA Version 1.4 Build 11051315 and previous versions, OnCell 5104-HSDPA, OnCell 5104-HSPA, and OnCell 5004-HSPA. The application's confi
nvd
CVE-2017-7915CRITICALCVSS 9.8≤ 1.32017-05-29
CVE-2017-7915 [CRITICAL] CWE-307 CVE-2017-7915: An Improper Restriction of Excessive Authentication Attempts issue was discovered in Moxa OnCell G31
An Improper Restriction of Excessive Authentication Attempts issue was discovered in Moxa OnCell G3110-HSPA Version 1.3 build 15082117 and previous versions, OnCell G3110-HSDPA Version 1.2 Build 09123015 and previous versions, OnCell G3150-HSDPA Version 1.4 Build 11051315 and previous versions, OnCell 5104-HSDPA, OnCell 5104-HSPA, and OnCell 5004-HS
nvd
CVE-2017-7917HIGHCVSS 8.8≤ 1.32017-05-29
CVE-2017-7917 [HIGH] CWE-352 CVE-2017-7917: A Cross-Site Request Forgery issue was discovered in Moxa OnCell G3110-HSPA Version 1.3 build 150821
A Cross-Site Request Forgery issue was discovered in Moxa OnCell G3110-HSPA Version 1.3 build 15082117 and previous versions, OnCell G3110-HSDPA Version 1.2 Build 09123015 and previous versions, OnCell G3150-HSDPA Version 1.4 Build 11051315 and previous versions, OnCell 5104-HSDPA, OnCell 5104-HSPA, and OnCell 5004-HSPA. The application does not suffici
nvd