Shodan
Vulnerabilities
Vulnerable Software
Moxa:  >> Sds-3008  Security Vulnerabilities
CVE-2022-41312
A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can send an HTTP request to trigger this vulnerability.Form field id="Switch Description", name "switch_description"
CVSS Score
4.3
EPSS Score
0.008
Published
2023-02-07
CVE-2022-41313
A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can send an HTTP request to trigger this vulnerability.Form field id="switch_contact"
CVSS Score
4.3
EPSS Score
0.008
Published
2023-02-07
CVE-2022-40224
A denial of service vulnerability exists in the web server functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP message header can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.
CVSS Score
5.3
EPSS Score
0.088
Published
2023-02-07
CVE-2022-40691
An information disclosure vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability.
CVSS Score
5.3
EPSS Score
0.004
Published
2023-02-07
CVE-2022-40693
A cleartext transmission vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted network sniffing can lead to a disclosure of sensitive information. An attacker can sniff network traffic to trigger this vulnerability.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-02-07
CVE-2022-41311
A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can send an HTTP request to trigger this vulnerability.Form field id="webLocationMessage_text" name="webLocationMessage_text"
CVSS Score
4.3
EPSS Score
0.008
Published
2023-02-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved