Lucene search
K

33 matches found

RedhatCVE
RedhatCVE
added 2025/10/24 2:33 p.m.5 views

CVE-2025-1680

An acceptance of extraneous untrusted data with trusted data vulnerability has been identified in Moxa’s Ethernet switches, which allows attackers with administrative privileges to manipulate HTTP Host headers by injecting a specially crafted Host header into HTTP requests sent to an affected...

6.8AI score0.00168EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/24 2:33 p.m.5 views

CVE-2025-1679

Cross-site Scripting has been identified in Moxa’s Ethernet switches, which allows an authenticated administrative attacker to inject malicious scripts to an affected device’s web service that could impact authenticated users interacting with the device’s web interface. This vulnerability is...

4.8CVSS5.7AI score0.00298EPSS
Exploits0References1
NVD
NVD
added 2025/10/23 2:15 p.m.5 views

CVE-2025-1679

Cross-site Scripting has been identified in Moxa’s Ethernet switches, which allows an authenticated administrative attacker to inject malicious scripts to an affected device’s web service that could impact authenticated users interacting with the device’s web interface. This vulnerability is...

4.8CVSS0.00298EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/23 1:56 p.m.5 views

EUVD-2025-35688

An acceptance of extraneous untrusted data with trusted data vulnerability has been identified in Moxa’s Ethernet switches, which allows attackers with administrative privileges to manipulate HTTP Host headers by injecting a specially crafted Host header into HTTP requests sent to an affected...

4.8CVSS6.4AI score0.00298EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/23 1:56 p.m.3 views

CVE-2025-1680

An acceptance of extraneous untrusted data with trusted data vulnerability has been identified in Moxa’s Ethernet switches, which allows attackers with administrative privileges to manipulate HTTP Host headers by injecting a specially crafted Host header into HTTP requests sent to an affected...

6.5AI score0.00298EPSS
Exploits0References2
CVE
CVE
added 2025/10/23 1:56 p.m.13 views

CVE-2025-1680

CVE-2025-1680 affects Moxa Ethernet switches. Description: an acceptance of extraneous untrusted data with trusted data vulnerability enables an administrator to inject crafted Host headers into HTTP requests to the device web service, classed as Host Header Injection. Root cause: improper handli...

6.5AI score0.00298EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/23 1:51 p.m.2 views

CVE-2025-1679

Cross-site Scripting has been identified in Moxa’s Ethernet switches, which allows an authenticated administrative attacker to inject malicious scripts to an affected device’s web service that could impact authenticated users interacting with the device’s web interface. This vulnerability is...

4.8CVSS5.4AI score0.00298EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/23 1:51 p.m.8 views

CVE-2025-1679

Cross-site Scripting has been identified in Moxa’s Ethernet switches, which allows an authenticated administrative attacker to inject malicious scripts to an affected device’s web service that could impact authenticated users interacting with the device’s web interface. This vulnerability is...

4.8CVSS0.00298EPSS
Exploits0References2
CVE
CVE
added 2025/10/23 1:51 p.m.11 views

CVE-2025-1679

CVE-2025-1679 and CVE-2025-1680 concern Moxa Ethernet switches. CVE-2025-1679 is a stored Cross-site Scripting (XSS) in the device web interface: an authenticated admin can inject scripts that affect authenticated users, with impact on the subsequent system’s confidentiality and integrity but not...

4.8CVSS5.4AI score0.00298EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/23 12:0 a.m.4 views

Moxa Ethernet switches 安全漏洞

Moxa Ethernet switches is an industrial grade network switch from Moxa Corporation, Taiwan, China. A security vulnerability exists in Moxa Ethernet switches that originates from HTTP Host header injection, which may result in redirecting users, forging links, or phishing. The following products a...

4.8CVSS6.5AI score0.00298EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-6406

Malware in sbrugna...

6.8CVSS6.4AI score0.01975EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2025/01/17 12:0 a.m.5 views

The vulnerability of the implementation of the authorization mechanism for microprogramming software in Moxa EDS-508A switches allows a intruder to gain unauthorized access to the device’s configuration files.

The vulnerability of the authentication mechanism for Microprogramming Software on Moxa EDS-508A switches lies in the exploitation of vulnerabilities in the identification/authentication mechanism. Exploiting this vulnerability can allow an intruder, operating remotely, to gain unauthorized acces...

10CVSS8.1AI score0.00818EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/10 12:0 a.m.6 views

The vulnerability of the Diagnosis Ping function in the administrative web interface of the Ethernet switch microprogramming software from Moxa, models Moxa EDS-405A and Moxa EDS-408A, allows a hacker to execute arbitrary code.

The vulnerability of the Diagnosis Ping function in the administrative web interface of Microprogrammed Ethernet switches of the Moxa EDS-405A and Moxa EDS-408A series is related to insufficient protection of the web page structure. Exploiting this vulnerability allows a remote attacker to execut...

4.3CVSS5.9AI score0.01274EPSS
Exploits0References4Affected Software2
CNNVD
CNNVD
added 2023/02/02 12:0 a.m.7 views

MOXA SDS-3008 跨站脚本漏洞

Moxa SDS-3008 is a series of industrial switches from MOXA China. The Moxa SDS-3008 suffers from a cross-site scripting vulnerability that can be exploited by an attacker to send a specially crafted HTTP request resulting in arbitrary Javascript execution...

5.4CVSS6.4AI score0.01028EPSS
Exploits1References4
NCSC
NCSC
added 2021/08/10 12:0 a.m.2 views

Vulnerabilities in Moxa EDS-405A series ICS Ethernet switches

Moxa has fixed vulnerabilities in Ethernet switches. The vulnerabilities allow a remote malicious person to execute arbitrary code and to perform a denial-of-service execution. Moxa has released updates to fix the vulnerabilities. More information can be found on the page below:...

7.4AI score
Exploits0
CNVD
CNVD
added 2020/02/26 12:0 a.m.3 views

Moxa PT-7528 and PT-7828 Series Weak Cryptographic Algorithm Vulnerability

Moxa PT-7528 and PT-7828 Series are both Ethernet switches manufactured by Moxa. A weak cryptographic algorithm vulnerability exists in the Moxa PT-7528 and PT-7828 Series, which can be exploited by attackers to obtain sensitive information...

7.5CVSS6.8AI score0.00812EPSS
Exploits0References1
CNVD
CNVD
added 2020/02/26 12:0 a.m.4 views

Moxa EDS-G516E and EDS-510E series buffer overflow vulnerability

Moxa EDS-G516E and EDS-510E series are both Ethernet switches manufactured by Moxa. A buffer overflow vulnerability exists in the Moxa EDS-G516E and EDS-510E series, which can be exploited by an attacker to cause a buffer overflow...

9.8CVSS7.5AI score0.0283EPSS
Exploits0References1
CNVD
CNVD
added 2020/02/26 12:0 a.m.3 views

Moxa PT-7528 and PT-7828 Series Weak Password Vulnerability

Moxa PT-7528 and PT-7828 Series are both Ethernet switches manufactured by Moxa. A weak password vulnerability exists in the Moxa PT-7528 and PT-7828 Series, which can be exploited by an attacker to gain unauthorized access to the system...

9.8CVSS7.2AI score0.01326EPSS
Exploits0References1
CNVD
CNVD
added 2020/02/26 12:0 a.m.4 views

Moxa EDS-G516E and EDS-510E series hard credential vulnerability

Moxa EDS-G516E and EDS-510E series are both Ethernet switches manufactured by Moxa. A hard credential vulnerability exists in the Moxa EDS-G516E and EDS-510E series, which can be exploited by an attacker to gain access to the system without proper authentication...

10CVSS7.1AI score0.01963EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/01/20 12:0 a.m.7 views

The vulnerability of the microprogramming software of Moxa EDS-G508E, EDS-G512E, and EDS-G516E allows a intruder to trigger a service failure.

The vulnerability of the microprogrammed software in Moxa EDS-G508E, EDS-G512E, and EDS-G516E switches is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

7.8CVSS7.1AI score0.01225EPSS
Exploits0References2Affected Software3
Rows per page
Query Builder