Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Oncell G3150-hspa-t Security Vulnerabilities

cve
cve

CVE-2018-11422

Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior use a proprietary configuration protocol that does not provide confidentiality, integrity, and authenticity security controls. All information is sent in plain text, and can be intercepted and modified. Any commands (including...

9.8CVSS

9.3AI Score

0.002EPSS

2019-07-03 04:15 PM
40
cve
cve

CVE-2018-11423

There is Memory corruption in the web interface Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior, different vulnerability than...

7.5CVSS

8.7AI Score

0.002EPSS

2019-07-03 04:15 PM
38
cve
cve

CVE-2018-11420

There is Memory corruption in the web interface of Moxa OnCell G3100-HSPA Series version 1.5 Build 17042015 and prio,r a different vulnerability than...

9.8CVSS

7.8AI Score

0.002EPSS

2019-07-03 04:15 PM
37
cve
cve

CVE-2018-11421

Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior use a proprietary monitoring protocol that does not provide confidentiality, integrity, and authenticity security controls. All information is sent in plain text, and can be intercepted and modified. The protocol is vulnerable to...

9.8CVSS

9.1AI Score

0.002EPSS

2019-07-03 04:15 PM
34
cve
cve

CVE-2018-11427

CSRF tokens are not used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior, which makes it possible to perform CSRF attacks on the device...

8.8CVSS

8.5AI Score

0.001EPSS

2019-07-03 03:15 PM
35
cve
cve

CVE-2018-11426

A weak Cookie parameter is used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. An attacker can brute force parameters required to bypass authentication and access the web interface to use all its functions except for password...

9.8CVSS

9.6AI Score

0.003EPSS

2019-07-03 03:15 PM
34
cve
cve

CVE-2018-5449

A NULL Pointer Dereference issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application does not check for a NULL value, allowing for an attacker to perform a denial of service...

6.5CVSS

6.3AI Score

0.001EPSS

2018-03-05 05:29 PM
22
cve
cve

CVE-2018-5453

An Improper Handling of Length Parameter Inconsistency issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. An attacker may be able to edit the element of an HTTP request, causing the device to become...

7.5CVSS

7.3AI Score

0.001EPSS

2018-03-05 05:29 PM
22
cve
cve

CVE-2018-5455

A Reliance on Cookies without Validation and Integrity Checking issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application allows a cookie parameter to consist of only digits, allowing an attacker to perform a brute force attack bypassing...

9.8CVSS

9.3AI Score

0.002EPSS

2018-03-05 05:29 PM
21