Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moxa oncell g3150-hspa-t firmware vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-11426
A weak Cookie parameter is used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. An attacker can brute force parameters required to bypass authentication and access the web interface to use all its functions except for password change.
Moxa Oncell G3150-hspa Firmware
Moxa Oncell G3150-hspa-t Firmware
9.8
CVSSv3
CVE-2018-11422
Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior use a proprietary configuration protocol that does not provide confidentiality, integrity, and authenticity security controls. All information is sent in plain text, and can be intercepted and modified. Any comman...
Moxa Oncell G3150-hspa Firmware
Moxa Oncell G3150-hspa-t Firmware
9.8
CVSSv3
CVE-2018-11420
There is Memory corruption in the web interface of Moxa OnCell G3100-HSPA Series version 1.5 Build 17042015 and prio,r a different vulnerability than CVE-2018-11423.
Moxa Oncell G3150-hspa Firmware
Moxa Oncell G3150-hspa-t Firmware
9.8
CVSSv3
CVE-2018-11421
Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior use a proprietary monitoring protocol that does not provide confidentiality, integrity, and authenticity security controls. All information is sent in plain text, and can be intercepted and modified. The protocol ...
Moxa Oncell G3150-hspa Firmware
Moxa Oncell G3150-hspa-t Firmware
8.8
CVSSv3
CVE-2018-11427
CSRF tokens are not used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior, which makes it possible to perform CSRF attacks on the device administrator.
Moxa Oncell G3150-hspa Firmware
Moxa Oncell G3150-hspa-t Firmware
7.5
CVSSv3
CVE-2018-11423
There is Memory corruption in the web interface Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior, different vulnerability than CVE-2018-11420.
Moxa Oncell G3150-hspa Firmware
Moxa Oncell G3150-hspa-t Firmware
6.5
CVSSv3
CVE-2018-5449
A NULL Pointer Dereference issue exists in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application does not check for a NULL value, allowing for an malicious user to perform a denial of service attack.
Moxa Oncell G3150-hspa-t Firmware
Moxa Oncell G3110-hspa-t Firmware
Moxa Oncell G3150-hspa Firmware
Moxa Oncell G3110-hspa Firmware
7.5
CVSSv3
CVE-2018-5453
An Improper Handling of Length Parameter Inconsistency issue exists in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. An attacker may be able to edit the element of an HTTP request, causing the device to become unavailable.
Moxa Oncell G3110-hspa Firmware
Moxa Oncell G3110-hspa-t Firmware
Moxa Oncell G3150-hspa Firmware
Moxa Oncell G3150-hspa-t Firmware
9.8
CVSSv3
CVE-2018-5455
A Reliance on Cookies without Validation and Integrity Checking issue exists in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application allows a cookie parameter to consist of only digits, allowing an malicious user to perform a brute force attack bypa...
Moxa Oncell G3110-hspa Firmware
Moxa Oncell G3110-hspa-t Firmware
Moxa Oncell G3150-hspa Firmware
Moxa Oncell G3150-hspa-t Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started