HIGH🇵🇱 Wersja polska

CVE-2016-9344

CVSS 7.5v3.0pub. 2017-02-13upd. 2026-05-13

An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 versions prior to 1.4, and E3 versions prior to 1.1. An attacker may be able to brute force an active session cookie to be able to download configuration files.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Moxa Miineport E1

    HW
    Moxa
    wszystkie wersje
  • Moxa Miineport E1 Firmware

    OS
    Moxa
    ≤ 1.7
  • Moxa Miineport E2

    HW
    Moxa
    wszystkie wersje
  • Moxa Miineport E2 Firmware

    OS
    Moxa
    ≤ 1.3
  • Moxa Miineport E3

    HW
    Moxa
    wszystkie wersje
  • Moxa Miineport E3 Firmware

    OS
    Moxa
    ≤ 1.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-28697CRITICAL9.8ten sam produkt

Moxa MiiNePort E1 has a vulnerability of insufficient access control. An unauthenticated remote user can explo...

CVE-2016-2285HIGH8.8ten sam produkt

Cross-site request forgery (CSRF) vulnerability on Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 0...

CVE-2016-2286HIGH7.5ten sam produkt

Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1....

CVE-2016-2295HIGH7.5ten sam produkt

Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1....

CVE-2016-9346MEDIUM5.3ten sam produkt

An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 versions prior to 1.4, and E3 versions ...