EUVD-2015-6421

Malware in sbrugna...

CVE-2015-6480

The MessageBrokerServlet servlet in Moxa OnCell Central Manager before 2.2 does not require authentication, which allows remote attackers to obtain administrative access via a command, as demonstrated by the addUserAndGroup action...

Authentication flaw

The MessageBrokerServlet servlet in Moxa OnCell Central Manager before 2.2 does not require authentication, which allows remote attackers to obtain administrative access via a command, as demonstrated by the addUserAndGroup action...

CVE-2015-6480

The MessageBrokerServlet servlet in Moxa OnCell Central Manager before 2.2 does not require authentication, which allows remote attackers to obtain administrative access via a command, as demonstrated by the addUserAndGroup action...

CVE-2015-6480

The CVE-2015-6480 entry concerns Moxa OnCell Central Manager (pre-2.2). The vulnerable component is the MessageBrokerServlet, which does not require authentication, enabling remote attackers to gain administrative access by issuing commands such as addUserAndGroup. This authentication bypass is t...

Moxa OnCell Central Manager Server MessageBrokerServlet Authentication Bypass Vulnerability

Moxa OnCell Central Manager provides Web access to private IP network devices. A security vulnerability exists in the implementation of Moxa OnCell Central Manager's MessageBrokerServlet that fails to authenticate the user's identity before accepting commands, which can be exploited by an attacke...

(0Day) Moxa OnCell Central Manager Server MessageBrokerServlet Authentication Bypass Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Moxa OnCell Central Manager Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MessageBrokerServlet servlet, which does not ensure a user is...