Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'Oncell g3150-hspa firmware'
2019-07-03
CVE-2018-11423
CWE-119
There is Memory corruption in the web interface Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior, different vulnerability than CVE-2018-11420.
CVE-2018-11422
CWE-284
Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior use a proprietary configuration protocol that does not provide confidentiality, integrity, and authenticity security controls. All information is sent in plain text, and can be intercepted and modified. Any commands (including device reboot, configuration download or upload, or firmware upgrade) are accepted and executed by the device without authentication.
CVE-2018-11421
CWE-200
Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior use a proprietary monitoring protocol that does not provide confidentiality, integrity, and authenticity security controls. All information is sent in plain text, and can be intercepted and modified. The protocol is vulnerable to remote unauthenticated disclosure of sensitive information, including the administrator's password. Under certain conditions, it's also possible to retrieve additional information, such as content of HTTP requests to the device, or the previously used password, due to memory leakages.
CVE-2018-11420
CWE-400
There is Memory corruption in the web interface of Moxa OnCell G3100-HSPA Series version 1.5 Build 17042015 and prio,r a different vulnerability than CVE-2018-11423.
CVE-2018-11427
CWE-352
CSRF tokens are not used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior, which makes it possible to perform CSRF attacks on the device administrator.
CVE-2018-11426
CWE-287
A weak Cookie parameter is used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. An attacker can brute force parameters required to bypass authentication and access the web interface to use all its functions except for password change.
2018-03-05
CVE-2018-5455
CWE-287
A Reliance on Cookies without Validation and Integrity Checking issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application allows a cookie parameter to consist of only digits, allowing an attacker to perform a brute force attack bypassing authentication and gaining access to device functions.
CVE-2018-5453
CWE-119
An Improper Handling of Length Parameter Inconsistency issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. An attacker may be able to edit the element of an HTTP request, causing the device to become unavailable.
CVE-2018-5449
CWE-476
A NULL Pointer Dereference issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application does not check for a NULL value, allowing for an attacker to perform a denial of service attack.
>>>
Vendor:
MOXA
88
Products
Device manager
Mdm tool
Activex sdk
Edr g903 firmware
Edr-g903
Oncell gateway g3211
Oncell gateway firmware
Vport activex sdk plus
Softcms
Eds-405a firmware
Eds-408a firmware
Oncell central manager
Ioadmin firmware
Iologik firmware
Miineport e1 4641 firmware
Miineport e1 7080 firmware
Miineport e2 1242 firmware
Miineport e2 4561 firmware
Miineport e3 firmware
Uc-7408 lx-plus
Uc-7408 lx-plus firmware
Pt-7728 firmware
Pt-7728
Device server web console 5232-n firmware
Mgate mb3170 router firmware
Mgate mb3180 router firmware
Mgate mb3270 router firmware
Mgate mb3280 router firmware
Mgate mb3480 router firmware
Oncell g3001 firmware
Oncell g3100v2 firmware
Active opc server
Dacenter
Nport 5100 series firmware
Nport 5400 series firmware
Nport 5600 series firmware
Nport 5100a series firmware
Nport p5150a series firmware
Nport 5200 series firmware
Nport 6100 series firmware
Nport 5200a series firmware
Nport 5x50a1-m12 series firmware
Nport 5600-8-dtl series firmware
Edr-810 firmware
Miineport e1 firmware
Miineport e2 firmware
Awk-5232-m12-rcc firmware
Awk-3191 firmware
Awk-3131a firmware
Awk-6232 firmware
Awk-1127 firmware
Wac-2004 firmware
Awk-5232 firmware
Awk-1121 firmware
Wac-1001 v2 firmware
Awk-3121-m12-rtg firmware
Awk-1131a firmware
Awk-4131a firmware
Awk-3131-m12-rcc firmware
Oncellg3470a-lte firmware
Mxview
Mx-aopc server
Oncell 5104-hsdpa firmware
Oncell 5004-hspa firmware
Oncell g3110-hspa firmware
Oncell g3110-hsdpa firmware
Oncell g3150-hsdpa firmware
Oncell 5104-hspa firmware
Eds-g512e firmware
Nport 5110 firmware
Nport 5130 firmware
Nport 5150 firmware
Softcms lab view
Softnvr-ia live view
Oncell g3110-hspa-t firmware
Oncell g3150-hspa-t firmware
Oncell g3150-hspa firmware
Nport 5210 firmware
Nport 5230 firmware
Nport 5232 firmware
Thingspro
Eds-510a firmware
Iks-g6824a firmware
Awk-3121 firmware
Oncell g3470a-lte-eu-t firmware
Oncell g3470a-lte-eu firmware
Oncell g3470a-lte-us-t firmware
Oncell g3470a-lte-us firmware
Copyright
2024
, cxsecurity.com
Back to Top
Vulnerabilities for 'Oncell g3150-hspa firmware' 