CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-5455

A Reliance on Cookies without Validation and Integrity Checking issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application allows a cookie parameter to consist of only digits, allowing an attacker to perform a brute force attack bypassing authentication and gaining access to device functions.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.7%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2018-5455

Moxa » Oncell G3110-Hspa-T » Version: N/A

cpe:2.3:h:moxa:oncell_g3110-hspa-t:-
Moxa » Oncell G3110-Hspa » Version: N/A

cpe:2.3:h:moxa:oncell_g3110-hspa:-
Moxa » Oncell G3150-Hspa-T » Version: N/A

cpe:2.3:h:moxa:oncell_g3150-hspa-t:-
Moxa » Oncell G3150-Hspa » Version: N/A

cpe:2.3:h:moxa:oncell_g3150-hspa:-
Moxa » Oncell G3110-Hspa-T Firmware » Version: 1.4

cpe:2.3:o:moxa:oncell_g3110-hspa-t_firmware:1.4
Moxa » Oncell G3110-Hspa Firmware » Version: 1.3

cpe:2.3:o:moxa:oncell_g3110-hspa_firmware:1.3
Moxa » Oncell G3110-Hspa Firmware » Version: 1.4

cpe:2.3:o:moxa:oncell_g3110-hspa_firmware:1.4
Moxa » Oncell G3150-Hspa-T Firmware » Version: 1.4

cpe:2.3:o:moxa:oncell_g3150-hspa-t_firmware:1.4
Moxa » Oncell G3150-Hspa Firmware » Version: 1.4

cpe:2.3:o:moxa:oncell_g3150-hspa_firmware:1.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-5455

Products

Pricing

Contact Us