EUVD-2015-6421

Malware in sbrugna...

EUVD-2015-6422

Malware in sbrugna...

The vulnerability of the Apache Flex BlazeDS component, a software tool for managing devices in OnCell Central Manager networks, allows a malicious individual to view the content of any file on the server or perform network scanning of both internal and external infrastructure.

The vulnerability of the Apache Flex BlazeDS component, a software tool for managing devices in OnCell Central Manager networks, is related to the lack of protection for operational data. Exploiting this vulnerability allows an attacker to remotely access and view the content of any file on the...

The vulnerability of the Apache Flex BlazeDS component, a software tool for managing devices in OnCell Central Manager networks, allows a hacker to execute arbitrary code.

The vulnerability of the Apache Flex BlazeDS component, a software tool for managing devices in OnCell Central Manager networks, is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

The vulnerability of the software for managing devices in the OnCell Central Manager allows a hacker to gain administrator privileges.

The vulnerability of the login function in the RequestController class of the software tool for managing devices in the OnCell Central Manager network is related to the rigid encoding of registration data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain...

The vulnerability of the software for managing devices in the OnCell Central Manager allows a hacker to gain administrator privileges.

The vulnerability of the MessageBrokerServlet servlet, a software component used for managing devices in the OnCell Central Manager network, is related to the absence of an authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain administrat...

moxa OnCell Central Manager 弱口令

No description provided by source...

CVE-2015-6481

The login function in the RequestController class in Moxa OnCell Central Manager before 2.2 has a hardcoded root password, which allows remote attackers to obtain administrative access via a login session...

CVE-2015-6480

The MessageBrokerServlet servlet in Moxa OnCell Central Manager before 2.2 does not require authentication, which allows remote attackers to obtain administrative access via a command, as demonstrated by the addUserAndGroup action...

Authentication flaw

The MessageBrokerServlet servlet in Moxa OnCell Central Manager before 2.2 does not require authentication, which allows remote attackers to obtain administrative access via a command, as demonstrated by the addUserAndGroup action...

CVE-2015-6481

The login function in the RequestController class in Moxa OnCell Central Manager before 2.2 has a hardcoded root password, which allows remote attackers to obtain administrative access via a login session...

CVE-2015-6480

The CVE-2015-6480 entry concerns Moxa OnCell Central Manager (pre-2.2). The vulnerable component is the MessageBrokerServlet, which does not require authentication, enabling remote attackers to gain administrative access by issuing commands such as addUserAndGroup. This authentication bypass is t...

CVE-2015-6480

The MessageBrokerServlet servlet in Moxa OnCell Central Manager before 2.2 does not require authentication, which allows remote attackers to obtain administrative access via a command, as demonstrated by the addUserAndGroup action...

CVE-2015-6481

CVE-2015-6481 affects Moxa OnCell Central Manager Software prior to version 2.2. The vulnerability arises from a hard-coded root credential in the RequestController.login function, enabling remote attackers to obtain administrative access and potentially execute code on affected systems. NVD and ...

Moxa OnCell Central Manager Software身份验证绕过漏洞

No description provided by source...

Moxa OnCell Central Manager Software任意代码执行漏洞

No description provided by source...

Moxa OnCell Central Manager Software Authentication Bypass Vulnerability

Moxa OnCell Central Manager Software is a suite of private IP management software from MOXA. The software supports the configuration, management and monitoring of remote devices over a private network. A security vulnerability exists in Moxa OnCell Central Manager Software prior to version 2.2. A...

(0Day) Moxa OnCell Central Manager Server MessageBrokerServlet Authentication Bypass Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Moxa OnCell Central Manager Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MessageBrokerServlet servlet, which does not ensure a user is...

(0Day) Moxa OnCell Central Manager Server RequestController Static Credentials Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Moxa OnCell Central Manager Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RequestController class. The specific flaw exists within the...

Moxa OnCell Central Manager Vulnerabilities

OVERVIEW NCCIC/ICS-CERT received a report from HP’s Zero Day Initiative ZDI concerning hardcoded credentials and authentication bypass vulnerabilities in Moxa’s OnCell Central Manager Software. These vulnerabilities were reported to ZDI by security researcher Andrea Micalizzi. Moxa has released a...