HIGH🇬🇧 English

CVE-2016-2285

CVSS 8.8v3.0pub. 2016-05-31upd. 2026-05-06

Cross-site request forgery (CSRF) vulnerability on Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 allows remote attackers to hijack the authentication of arbitrary users.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Moxa Miineport E1 4641

    HW
    Moxa
    wszystkie wersje
  • Moxa Miineport E1 4641 Firmware

    OS
    Moxa
    1.1.10
  • Moxa Miineport E1 7080

    HW
    Moxa
    wszystkie wersje
  • Moxa Miineport E1 7080 Firmware

    OS
    Moxa
    1.1.10
  • Moxa Miineport E2 1242

    HW
    Moxa
    wszystkie wersje
  • Moxa Miineport E2 1242 Firmware

    OS
    Moxa
    1.1
  • Moxa Miineport E2 4561

    HW
    Moxa
    wszystkie wersje
  • Moxa Miineport E2 4561 Firmware

    OS
    Moxa
    1.1
  • Moxa Miineport E3

    HW
    Moxa
    wszystkie wersje
  • Moxa Miineport E3 Firmware

    OS
    Moxa
    1.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2016-9344HIGH7.5ten sam produkt

An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 versions prior to 1.4, and E3 versions ...

CVE-2016-2286HIGH7.5ten sam produkt

Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1....

CVE-2016-2295HIGH7.5ten sam produkt

Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1....

CVE-2016-9346MEDIUM5.3ten sam produkt

An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 versions prior to 1.4, and E3 versions ...

CVE-2023-39979CRITICAL9.8ten sam vendor

There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass authentication....