5 matches found
Moxa OnCell G3100-HSPA Security Bypass Vulnerability
Moxa OnCell G3100-HSPA is a G3100-HSPA series cellular network gateway device from Moxa, Taiwan, China. A security vulnerability exists in Moxa OnCell G3100-HSPA 1.4 Build 16062919 and earlier versions. The vulnerability can be exploited by an attacker to bypass authentication and access the web...
Moxa OnCell G3100-HSPA Cross-Site Request Forgery Vulnerability
Moxa OnCell G3100-HSPA is a G3100-HSPA series cellular network gateway device from Moxa, Taiwan, China. A cross-site request forgery vulnerability exists in the DE WEB application in Moxa OnCell G3100-HSPA 1.4 Build 16062919 and prior firmware versions, which stems from the WEB application not...
CVE-2018-11427
CSRF tokens are not used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior, which makes it possible to perform CSRF attacks on the device administrator...
Authentication flaw
A weak Cookie parameter is used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. An attacker can brute force parameters required to bypass authentication and access the web interface to use all its functions except for password change...
CVE-2018-5455
A Reliance on Cookies without Validation and Integrity Checking issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application allows a cookie parameter to consist of only digits, allowing an attacker to perform a brute force attack bypassing...