4 matches found
CVE-2021-39278
Certain MOXA devices allow reflected XSS via the Config Import menu. This affects WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, OnCell G3470A-LTE-EU-T 1.7, TAP-323-EU-CT-T 1.3, TAP-323-US-CT-T 1.3, TAP-323-JP-CT-T 1.3, WDR-3124A-EU 2.3, WDR-3124A-EU-T 2.3, WDR-3124A-US 2.3...
CVE-2021-39278
CVE-2021-39278 affects multiple MOXA devices (e.g., WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, TAP-323 etc.) via a reflected XSS in the Config Import menu. The root cause and exact affected components are not fully enumerated beyond the listed models; no remediation det...
Moxa Command Injection / Cross Site Scripting Vulnerabilities
======================================================================= title: Multiple vulnerabilities product: see "Vulnerable / tested versions" vulnerable version: see "Vulnerable / tested versions" fixed version: see "Solution" CVE number: CVE-2021-39278, CVE-2021-39279 impact: High homepage...
Moxa Command Injection / Cross Site Scripting / Vulnerable Software
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: see "Vulnerable / tested versions" vulnerable version: see "Vulnerable / tested versions" fixed version: see "Solution" CVE number:...