← Back

Sds 3008 T Firmware

sds-3008-t_firmware

Vendor: Moxa • 6 CVEs

CVEs (6)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-41313
1Moxa
2Sds 3008 T Firmware
Sds 3008 Firmware
Nov 4, 2025
Feb 7, 2023
N/A· v4
5.4 MEDIUM· v3
N/A· v2
A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to arbitrary Javascript execution....Show more
A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can send an HTTP request to trigger this vulnerability.Form field id="switch_contact"Show less
CVE-2022-41312
1Moxa
2Sds 3008 T Firmware
Sds 3008 Firmware
Nov 4, 2025
Feb 7, 2023
N/A· v4
5.4 MEDIUM· v3
N/A· v2
A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to arbitrary Javascript execution....Show more
A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can send an HTTP request to trigger this vulnerability.Form field id="Switch Description", name "switch_description"Show less
CVE-2022-41311
1Moxa
2Sds 3008 T Firmware
Sds 3008 Firmware
Nov 4, 2025
Feb 7, 2023
N/A· v4
5.4 MEDIUM· v3
N/A· v2
A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to arbitrary Javascript execution....Show more
A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can send an HTTP request to trigger this vulnerability.Form field id="webLocationMessage_text" name="webLocationMessage_text"Show less
CVE-2022-40693
1Moxa
2Sds 3008 T Firmware
Sds 3008 Firmware
Nov 21, 2024
Feb 7, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
A cleartext transmission vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted network sniffing can lead to a disclosure of sensitive inform...Show more
A cleartext transmission vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted network sniffing can lead to a disclosure of sensitive information. An attacker can sniff network traffic to trigger this vulnerability.Show less
CVE-2022-40691
1Moxa
2Sds 3008 T Firmware
Sds 3008 Firmware
Nov 21, 2024
Feb 7, 2023
N/A· v4
5.3 MEDIUM· v3
N/A· v2
An information disclosure vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to a disclosure of sensitive informati...Show more
An information disclosure vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability.Show less
CVE-2022-40224
1Moxa
2Sds 3008 T Firmware
Sds 3008 Firmware
Nov 21, 2024
Feb 7, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
A denial of service vulnerability exists in the web server functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP message header can lead to denial of service. An attacker can send...Show more
A denial of service vulnerability exists in the web server functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP message header can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.Show less