Moxa Sds-G3006 Series vulnerabilities

3 known vulnerabilities affecting moxa/sds-g3006_series.

Total CVEs

3

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

HIGH3

Vulnerabilities

Page 1 of 1

CVE-2024-7695HIGHCVSS 8.7≥ 1.0, ≤ 3.02025-01-29

CVE-2024-7695 [HIGH] CWE-787 CVE-2024-7695: Multiple switches are affected by an out-of-bounds write vulnerability. This vulnerability is caused Multiple switches are affected by an out-of-bounds write vulnerability. This vulnerability is caused by insufficient input validation, which allows data to be written to memory outside the bounds of the buffer. Successful exploitation of this vulnerability could result in a denial-of-service attack.

CVE-2024-9404HIGHCVSS 8.7≥ 1.0, ≤ 3.02024-12-04

CVE-2024-9404 [HIGH] CWE-1287 CVE-2024-9404: This vulnerability could lead to denial-of-service or service crashes. Exploitation of the moxa_cmd This vulnerability could lead to denial-of-service or service crashes. Exploitation of the moxa_cmd service, because of insufficient input validation, allows attackers to disrupt operations. If exposed to public networks, the vulnerability poses a significant remote threat, potentially allowing attackers to shut down affected systems.

CVE-2024-9137HIGHCVSS 8.8≥ 1.0, ≤ 3.02024-10-14

CVE-2024-9137 [HIGH] CWE-306 CVE-2024-9137: The affected product lacks an authentication check when sending commands to the server via the Moxa The affected product lacks an authentication check when sending commands to the server via the Moxa service. This vulnerability allows an attacker to execute specified commands, potentially leading to unauthorized downloads or uploads of configuration files and system compromise.