Moxa Oncell G3150A-Lte Series vulnerabilities
5 known vulnerabilities affecting moxa/oncell_g3150a-lte_series.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2024-4641CRITICALCVSS 9.8≥ 1.0, ≤ 1.7.72024-06-25
CVE-2024-4641 [MEDIUM] CWE-134 CVE-2024-4641: OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due t
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to accepting a format string from an external source as an argument. An attacker could modify an externally controlled format string to cause a memory leak and denial of service.
cvelistv5nvd
CVE-2024-4640HIGHCVSS 8.2≥ 1.0, ≤ 1.7.72024-06-25
CVE-2024-4640 [HIGH] CWE-120 CVE-2024-4640: OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due t
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to missing bounds checking on buffer operations. An attacker could write past the boundaries of allocated buffer regions in memory, causing a program crash.
cvelistv5nvd
CVE-2024-4639HIGHCVSS 8.8≥ 1.0, ≤ 1.7.72024-06-25
CVE-2024-4639 [HIGH] CWE-77 CVE-2024-4639: OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due t
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack of neutralized inputs in IPSec configuration. An attacker could modify the intended commands sent to target functions, which could cause malicious users to execute unauthorized commands.
cvelistv5nvd
CVE-2023-6094MEDIUMCVSS 5.3≥ 1.0, ≤ 1.32023-12-31
CVE-2023-6094 [MEDIUM] CWE-319 CVE-2023-6094: A vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior. Th
A vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior. The vulnerability results from lack of protection for sensitive information during transmission. An attacker eavesdropping on the traffic between the web browser and server may obtain sensitive information. This type of attack could be executed to gather
cvelistv5nvd
CVE-2023-6093MEDIUMCVSS 6.1≥ 1.0, ≤ 1.32023-12-31
CVE-2023-6093 [MEDIUM] CWE-1021 CVE-2023-6093: A clickjacking vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3
A clickjacking vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior. This vulnerability is caused by incorrectly restricts frame objects, which can lead to user confusion about which interface the user is interacting with. This vulnerability may lead the attacker to trick the user into interacting with the app
cvelistv5nvd