The vulnerability of the microprogrammed Ethernet switches Moxa SDS-3008 lies in the insufficient protection of the web page structure, allowing attackers to execute arbitrary JavaScript code.

The vulnerability of the microprogrammed Ethernet switch software from Moxa, the SDS-3008 model, is related to insufficient protection of the website structure during the processing of the Switch Location field in the Switch Information section. Exploiting this vulnerability allows an attacker to...

PT-2023-1303 · Moxa · Moxa Sds-3008 Series Industrial Ethernet Switch

Name of the Vulnerable Software and Affected Versions: Moxa SDS-3008 Series Industrial Ethernet Switch version 2.1 Description: A stored cross-site scripting issue exists in the web application functionality. This can be triggered by a specially-crafted HTTP request, leading to arbitrary Javascri...