← Back

Oncell G3110 Hspa T Firmware

oncell_g3110-hspa-t_firmware

Vendor: Moxa • 3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-5455
1Moxa
4Oncell G3110 Hspa T Firmware
Oncell G3110 Hspa FirmwareOncell G3150 Hspa T Firmware+1 more
Nov 21, 2024
Mar 5, 2018
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A Reliance on Cookies without Validation and Integrity Checking issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application allows a cookie parameter to consist of only dig...Show more
A Reliance on Cookies without Validation and Integrity Checking issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application allows a cookie parameter to consist of only digits, allowing an attacker to perform a brute force attack bypassing authentication and gaining access to device functions.Show less
CVE-2018-5453
1Moxa
4Oncell G3110 Hspa T Firmware
Oncell G3110 Hspa FirmwareOncell G3150 Hspa T Firmware+1 more
Nov 21, 2024
Mar 5, 2018
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
An Improper Handling of Length Parameter Inconsistency issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. An attacker may be able to edit the element of an HTTP request, causing t...Show more
An Improper Handling of Length Parameter Inconsistency issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. An attacker may be able to edit the element of an HTTP request, causing the device to become unavailable.Show less
CVE-2018-5449
1Moxa
4Oncell G3110 Hspa T Firmware
Oncell G3110 Hspa FirmwareOncell G3150 Hspa T Firmware+1 more
Nov 21, 2024
Mar 5, 2018
N/A· v4
6.5 MEDIUM· v3
3.3 LOW· v2
A NULL Pointer Dereference issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application does not check for a NULL value, allowing for an attacker to perform a denial of serv...Show more
A NULL Pointer Dereference issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application does not check for a NULL value, allowing for an attacker to perform a denial of service attack.Show less