Lucene search
+L

163 matches found

Cvelist
Cvelist
added 2023/12/23 9:1 a.m.24 views

CVE-2023-5961 ioLogik E1200 Series: Cross-Site Request Forgery (CSRF) Vulnerability

A Cross-Site Request Forgery CSRF vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. An attacker can exploit this vulnerability to trick a client into making an unintentional request to the web server, which will be treated as an authentic request. This...

8.8CVSS8.9AI score0.00373EPSS
Exploits1References1
CVE
CVE
added 2023/12/23 9:1 a.m.60 views

CVE-2023-5961

ioLogik E1200 Series web server firmware versions v3.3 and prior are vulnerable to CSRF, enabling an attacker to trick a user into making authenticated requests that perform operations on the device. The core issue is a Cross-Site Request Forgery vulnerability in the device’s web interface. Repor...

8.8CVSS8.8AI score0.00373EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2023/12/23 12:0 a.m.4 views

MOXA ioLogik E1200 Series 跨站请求伪造漏洞

MOXA ioLogik E1200 Series is a series of general-purpose controllers and I/O devices from MOXA, China. The MOXA ioLogik E1200 Series suffers from a cross-site request forgery vulnerability that can be exploited by an attacker to submit a special request, obtain sensitive information or perform a...

8.8CVSS6.6AI score0.00373EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/12/23 12:0 a.m.4 views

PT-2023-7983 · Moxa · Iologik E1200 Series

Name of the Vulnerable Software and Affected Versions: ioLogik E1200 Series firmware versions v3.3 and prior Description: A Cross-Site Request Forgery CSRF vulnerability has been identified, which may allow an attacker to trick a client into making an unintentional request to the web server. This...

10CVSS8.7AI score0.00373EPSS
Exploits1References9
CNNVD
CNNVD
added 2023/12/23 12:0 a.m.5 views

MOXA ioLogik E1200 Series 加密问题漏洞

MOXA ioLogik E1200 Series is a series of general-purpose controllers and I/O devices from MOXA, China. The MOXA ioLogik E1200 Series suffers from an encryption issue vulnerability that can be exploited by attackers to obtain sensitive information...

6.5CVSS6.6AI score0.00278EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/12/23 12:0 a.m.9 views

PT-2023-8045 · Moxa · Iologik E1200 Series

Name of the Vulnerable Software and Affected Versions: ioLogik E1200 Series firmware versions v3.3 and prior Description: A weak cryptographic algorithm vulnerability has been identified, which can help an attacker compromise the confidentiality of sensitive data and may lead to unexpected...

6.8CVSS7.3AI score0.00278EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2023/09/01 12:0 a.m.20 views

Moxa ioLogik Exposure of Sensitive Information to an Unauthorized Actor (CVE-2023-4230)

A vulnerability has been identified in ioLogik 4000 Series ioLogik E4200 firmware versions v1.6 and prior, which has the potential to facilitate the collection of information on ioLogik 4000 Series devices. This vulnerability may enable attackers to gather information for the purpose of assessing...

5.3CVSS5.7AI score0.00377EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/08/29 12:0 a.m.8 views

The vulnerability of the web-server of the programmable logical controller ioLogik arises from an improper limitation on the displayed layers of the user interface. This allows a intruder to compromise the integrity of the protected information.

The vulnerability of the web-server of the programmable logical controller ioLogik is related to an incorrect limitation on the displayed layers of the user interface. Exploiting this vulnerability allows a remote attacker to compromise the integrity of the protected information...

5CVSS5.6AI score0.00323EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/29 12:0 a.m.7 views

The vulnerability of the web-server of the programmable logical controller ioLogik, related to deficiencies in access control, allows a intruder to gain unauthorized access to confidential data.

The vulnerability of the web-server-based programmable logic controller ioLogik is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to confidential data...

5.3CVSS6.5AI score0.00304EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/29 12:0 a.m.10 views

The vulnerability of the web-server of the programmable logical controller ioLogik lies in the lack of protection for service data, allowing a intruder to gain unauthorized access to the protected information.

The vulnerability of the web-server of the programmable logical controller ioLogik is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

5.3CVSS5.9AI score0.00377EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/29 12:0 a.m.10 views

The vulnerability of the web server of the programmable logical controller ioLogik arises from the use of cookies to store confidential information without the HttpOnly flag. This allows a violator to gain unauthorized access to the protected information.

The vulnerability of the web server of the programmable logical controller ioLogik relates to the use of cookies for storing confidential information without the HttpOnly flag. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to the protected...

3.1CVSS5.5AI score0.00299EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/08/29 12:0 a.m.17 views

Moxa ioLogik 4000 Series Incorrect Authorization (CVE-2023-4227)

A vulnerability has been identified in the ioLogik 4000 Series ioLogik E4200 firmware versions v1.6 and prior, which can be exploited by malicious actors to potentially gain unauthorized access to the product. This could lead to security breaches, data theft, and unauthorized manipulation of...

6.5CVSS6.3AI score0.00304EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/08/29 12:0 a.m.19 views

Moxa ioLogik 4000 Series Session Cookie Without HttpOnly Flag (CVE-2023-4228)

A vulnerability has been identified in ioLogik 4000 Series ioLogik E4200 firmware versions v1.6 and prior, where the session cookies attribute is not set properly in the affected application. The vulnerability may lead to security risks, potentially exposing user session data to unauthorized acce...

4.3CVSS5.1AI score0.00299EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/08/29 12:0 a.m.8 views

Moxa ioLogik 4000 Series Improper Restriction of UI (CVE-2023-4229)

A vulnerability has been identified in ioLogik 4000 Series ioLogik E4200 firmware versions v1.6 and prior, potentially exposing users to security risks. This vulnerability may allow attackers to trick users into interacting with malicious content, leading to unintended actions or unauthorized dat...

4.7CVSS5.1AI score0.00323EPSS
Exploits0References2
NVD
NVD
added 2023/08/24 7:15 a.m.24 views

CVE-2023-4230

A vulnerability has been identified in ioLogik 4000 Series ioLogik E4200 firmware versions v1.6 and prior, which has the potential to facilitate the collection of information on ioLogik 4000 Series devices. This vulnerability may enable attackers to gather information for the purpose of assessing...

5.3CVSS5.3AI score0.00377EPSS
Exploits0References1
OSV
OSV
added 2023/08/24 7:15 a.m.6 views

CVE-2023-4230

A vulnerability has been identified in ioLogik 4000 Series ioLogik E4200 firmware versions v1.6 and prior, which has the potential to facilitate the collection of information on ioLogik 4000 Series devices. This vulnerability may enable attackers to gather information for the purpose of assessing...

5.3CVSS5.7AI score0.00377EPSS
Exploits0References1
NVD
NVD
added 2023/08/24 7:15 a.m.17 views

CVE-2023-4229

A vulnerability has been identified in ioLogik 4000 Series ioLogik E4200 firmware versions v1.6 and prior, potentially exposing users to security risks. This vulnerability may allow attackers to trick users into interacting with malicious content, leading to unintended actions or unauthorized dat...

4.7CVSS4.6AI score0.00323EPSS
Exploits0References1
OSV
OSV
added 2023/08/24 7:15 a.m.4 views

CVE-2023-4228

A vulnerability has been identified in ioLogik 4000 Series ioLogik E4200 firmware versions v1.6 and prior, where the session cookies attribute is not set properly in the affected application. The vulnerability may lead to security risks, potentially exposing user session data to unauthorized acce...

4.3CVSS5.7AI score0.00299EPSS
Exploits0References1
NVD
NVD
added 2023/08/24 7:15 a.m.18 views

CVE-2023-4228

A vulnerability has been identified in ioLogik 4000 Series ioLogik E4200 firmware versions v1.6 and prior, where the session cookies attribute is not set properly in the affected application. The vulnerability may lead to security risks, potentially exposing user session data to unauthorized acce...

4.3CVSS4.2AI score0.00299EPSS
Exploits0References1
OSV
OSV
added 2023/08/24 7:15 a.m.4 views

CVE-2023-4229

A vulnerability has been identified in ioLogik 4000 Series ioLogik E4200 firmware versions v1.6 and prior, potentially exposing users to security risks. This vulnerability may allow attackers to trick users into interacting with malicious content, leading to unintended actions or unauthorized dat...

4.7CVSS5.7AI score0.00323EPSS
Exploits0References1
Rows per page
Query Builder