Lucene search
K

6 matches found

EUVD
EUVD
added 2026/03/16 6:32 p.m.3 views

EUVD-2026-12462

Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a reflected cross-site scripting vulnerability in the Network Diagnosis ping function that allows attackers to execute arbitrary JavaScript. Attackers can craft malicious links with injected script payloads in the pingipaddr parameter t...

5.1CVSS5.9AI score0.00155EPSS
Exploits0References3
NVD
NVD
added 2026/03/16 6:16 p.m.4 views

CVE-2026-29520

Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a reflected cross-site scripting vulnerability in the Network Diagnosis ping function that allows attackers to execute arbitrary JavaScript. Attackers can craft malicious links with injected script payloads in the pingipaddr parameter t...

6.1CVSS0.00155EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.4 views

PT-2026-25783

Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a reflected cross-site scripting vulnerability in the Network Diagnosis ping function that allows attackers to execute arbitrary JavaScript. Attackers can craft malicious links with injected script payloads in the ping ipaddr parameter ...

5.1CVSS5.9AI score0.00155EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/07/10 12:0 a.m.6 views

The vulnerability of the Diagnosis Ping function in the administrative web interface of the Ethernet switch microprogramming software from Moxa, models Moxa EDS-405A and Moxa EDS-408A, allows a hacker to execute arbitrary code.

The vulnerability of the Diagnosis Ping function in the administrative web interface of Microprogrammed Ethernet switches of the Moxa EDS-405A and Moxa EDS-408A series is related to insufficient protection of the web page structure. Exploiting this vulnerability allows a remote attacker to execut...

4.3CVSS5.9AI score0.01274EPSS
Exploits0References4Affected Software2
Prion
Prion
added 2015/09/11 4:59 p.m.20 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Diagnosis Ping feature in the administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote attackers to inject arbitrary web script or HTML via an unspecified field...

4.3CVSS6.3AI score0.01274EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2015/09/11 4:0 p.m.46 views

CVE-2015-6466

CVE-2015-6466 is an XSS vulnerability in the Diagnosis Ping feature of the administrative web interface on Moxa EDS-405A/EDS-408A switches, exploitable via an unspecified field in firmware prior to 3.6. Affected devices run Moxa’s EDS-405A/EDS-408A series; CVSSv2 base score 4.3 (AV:N/AC:M/Au:N/C:...

4.3CVSS5.9AI score0.01274EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder