HIGH🇵🇱 Wersja polska

CVE-2016-2285

CVSS 8.8v3.0pub. 2016-05-31upd. 2026-05-06

Cross-site request forgery (CSRF) vulnerability on Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 allows remote attackers to hijack the authentication of arbitrary users.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Moxa Miineport E1 4641

    HW
    Moxa
    wszystkie wersje
  • Moxa Miineport E1 4641 Firmware

    OS
    Moxa
    1.1.10
  • Moxa Miineport E1 7080

    HW
    Moxa
    wszystkie wersje
  • Moxa Miineport E1 7080 Firmware

    OS
    Moxa
    1.1.10
  • Moxa Miineport E2 1242

    HW
    Moxa
    wszystkie wersje
  • Moxa Miineport E2 1242 Firmware

    OS
    Moxa
    1.1
  • Moxa Miineport E2 4561

    HW
    Moxa
    wszystkie wersje
  • Moxa Miineport E2 4561 Firmware

    OS
    Moxa
    1.1
  • Moxa Miineport E3

    HW
    Moxa
    wszystkie wersje
  • Moxa Miineport E3 Firmware

    OS
    Moxa
    1.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2016-9344HIGH7.5ten sam produkt

An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 versions prior to 1.4, and E3 versions ...

CVE-2016-2286HIGH7.5ten sam produkt

Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1....

CVE-2016-2295HIGH7.5ten sam produkt

Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1....

CVE-2016-9346MEDIUM5.3ten sam produkt

An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 versions prior to 1.4, and E3 versions ...

CVE-2023-39979CRITICAL9.8ten sam vendor

There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass authentication....