CSRF tokens are not used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior, which makes it possible to perform CSRF attacks on the device administrator.
CPE | Name | Operator | Version |
---|---|---|---|
oncell_g3150-hspa-t_firmware | le | 1.4 | |
oncell_g3150-hspa_firmware | le | 1.4 |