14 matches found
EUVD-2021-25641
Malware in sbrugna...
CVE-2021-39279
Certain MOXA devices allow Authenticated Command Injection via /forms/webimportTFTP. This affects WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, OnCell G3470A-LTE-EU-T 1.7, TAP-323-EU-CT-T 1.3, TAP-323-US-CT-T 1.3, TAP-323-JP-CT-T 1.3, WDR-3124A-EU 2.3, WDR-3124A-EU-T 2.3,...
CVE-2021-39278
Certain MOXA devices allow reflected XSS via the Config Import menu. This affects WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, OnCell G3470A-LTE-EU-T 1.7, TAP-323-EU-CT-T 1.3, TAP-323-US-CT-T 1.3, TAP-323-JP-CT-T 1.3, WDR-3124A-EU 2.3, WDR-3124A-EU-T 2.3, WDR-3124A-US 2.3...
The vulnerability of the microprogramming software used in industrial LTE modems of the Moxa OnCell G3150A-LTE, OnCell G3470A-LTE, and WDR-3124A series, as well as the microprogramming software used in wireless access points for industrial systems of the Moxa AWK-3131A, AWK-4131A, AWK-1131A, and AWK-1137C models, is related to improper verification of the cryptographic signature. This vulnerability allows attackers to perform cross-site scripting attacks.
The vulnerability of the microprogramming software used in industrial LTE modems of the Moxa OnCell G3150A-LTE, OnCell G3470A-LTE, and WDR-3124A series, as well as the microprogramming software used in wireless access points for industrial systems of the Moxa AWK-3131A, AWK-4131A, AWK-1131A, and...
The vulnerability of the microprogramming software used in industrial LTE modems of the Moxa OnCell G3150A-LTE, OnCell G3470A-LTE, and WDR-3124A series, as well as the microprogramming software used in wireless access points for industrial systems of the Moxa AWK-3131A, AWK-4131A, AWK-1131A, and AWK-1137C models, is related to the unencrypted storage of critical information. This vulnerability allows attackers to circumvent security restrictions and gain unauthorized access to protected information.
The vulnerability of the microprogramming software used in industrial LTE modems of the Moxa OnCell G3150A-LTE, OnCell G3470A-LTE, and WDR-3124A series, as well as the microprogramming software used in wireless access points for industrial systems of the Moxa AWK-3131A, AWK-4131A, AWK-1131A, and...
The vulnerability of the web interface of the microprogramming software for industrial LTE modems of the Moxa OnCell G3150A-LTE, OnCell G3470A-LTE, and WDR-3124A series, as well as the microprogramming software for wireless access points for industrial systems of the Moxa AWK-3131A, AWK-4131A, AWK-1131A, and AWK-1137C models, allows a perpetrator to execute arbitrary commands.
The vulnerability of the web interface of microprogramming software for industrial LTE modems of the Moxa OnCell G3150A-LTE, OnCell G3470A-LTE, and WDR-3124A series, as well as of microprogramming software for wireless access points for industrial systems of the Moxa AWK-3131A, AWK-4131A,...
CVE-2021-39279
Certain MOXA devices allow Authenticated Command Injection via /forms/webimportTFTP. This affects WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, OnCell G3470A-LTE-EU-T 1.7, TAP-323-EU-CT-T 1.3, TAP-323-US-CT-T 1.3, TAP-323-JP-CT-T 1.3, WDR-3124A-EU 2.3, WDR-3124A-EU-T 2.3,...
CVE-2021-39278
Certain MOXA devices allow reflected XSS via the Config Import menu. This affects WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, OnCell G3470A-LTE-EU-T 1.7, TAP-323-EU-CT-T 1.3, TAP-323-US-CT-T 1.3, TAP-323-JP-CT-T 1.3, WDR-3124A-EU 2.3, WDR-3124A-EU-T 2.3, WDR-3124A-US 2.3...
Command injection
Certain MOXA devices allow Authenticated Command Injection via /forms/webimportTFTP. This affects WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, OnCell G3470A-LTE-EU-T 1.7, TAP-323-EU-CT-T 1.3, TAP-323-US-CT-T 1.3, TAP-323-JP-CT-T 1.3, WDR-3124A-EU 2.3, WDR-3124A-EU-T 2.3,...
CVE-2021-39279
Certain MOXA devices allow Authenticated Command Injection via /forms/webimportTFTP. This affects WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, OnCell G3470A-LTE-EU-T 1.7, TAP-323-EU-CT-T 1.3, TAP-323-US-CT-T 1.3, TAP-323-JP-CT-T 1.3, WDR-3124A-EU 2.3, WDR-3124A-EU-T 2.3,...
The vulnerability of microprogrammed software in industrial modems of the OnCell G3470A-LTE Series and WDR-3124A Series, as well as in microprogrammed software for Wi-Fi routers of the TAP-323 Series, WAC-1001 Series, and WAC-2004 Series, arises from the use of non-unique X.509 certificates and host SSH keys. This vulnerability allows attackers to escalate their privileges.
The vulnerabilities of microprogrammed software in industrial modems of the OnCell G3470A-LTE Series, WDR-3124A Series, microprogrammed software in Wi-Fi routers of the TAP-323 Series, WAC-1001 Series, and WAC-2004 Series are related to the use of non-unique X.509 certificates and host SSH keys...
Moxa 多款产品操作系统命令注入漏洞
Moxa TAP-323 and others are products of Moxa China.Moxa TAP-323 is a series of railroad wireless controllers.Moxa WAC-1001 is a series of railroad wireless controllers.Moxa WAC-2004 is a series of railroad wireless controllers.Moxa TAP-323 is a series of railroad wireless controllers.Moxa TAP-323...
The vulnerability of microprogrammed software in industrial modems of the OnCell G3470A-LTE Series and WDR-3124A Series, as well as in microprogrammed software for Wi-Fi routers of the TAP-323 Series, WAC-1001 Series, and WAC-2004 Series, arises from the lack of protective measures for website structures. This allows attackers to import any file through the web interface.
The vulnerabilities of microprogrammed software in industrial modems of the OnCell G3470A-LTE Series, WDR-3124A Series, microprogrammed software in Wi-Fi routers of the TAP-323 Series, WAC-1001 Series, and WAC-2004 Series are related to the lack of measures taken to protect the website structure...
PT-2018-3750 · Moxa · Wdr-3124A Series +5
Name of the Vulnerable Software and Affected Versions: Moxa AWK-3131A Wireless Access Point version 1.1 OnCell G3470A-LTE Series affected versions not specified WDR-3124A Series affected versions not specified TAP-323 Series affected versions not specified WAC-1001 Series affected versions not...