HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2024-4640

CVSS 7.1v3.1pub. 2024-06-25upd. 2025-03-10

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to missing bounds checking on buffer operations. An attacker could write past the boundaries of allocated buffer regions in memory, causing a program crash.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  • Moxa Oncell G3470a Lte Eu

    HW
    Moxa
    wszystkie wersje
  • Moxa Oncell G3470a Lte Eu Firmware

    OS
    Moxa
    ≤ 1.7.7
  • Moxa Oncell G3470a Lte Eu T

    HW
    Moxa
    wszystkie wersje
  • Moxa Oncell G3470a Lte Eu T Firmware

    OS
    Moxa
    ≤ 1.7.7
  • Moxa Oncell G3470a Lte Us

    HW
    Moxa
    wszystkie wersje
  • Moxa Oncell G3470a Lte Us Firmware

    OS
    Moxa
    ≤ 1.7.7
  • Moxa Oncell G3470a Lte Us T

    HW
    Moxa
    wszystkie wersje
  • Moxa Oncell G3470a Lte Us T Firmware

    OS
    Moxa
    ≤ 1.7.7
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2018-11425CRITICAL9.8ten sam produkt

Memory corruption issue was discovered in Moxa OnCell G3470A-LTE Series version 1.6 Build 18021314 and prior, ...

CVE-2024-4638HIGH7.1ten sam produkt

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack o...

CVE-2024-4639HIGH7.1ten sam produkt

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack o...

CVE-2021-39279HIGH8.8ten sam produkt

Certain MOXA devices allow Authenticated Command Injection via /forms/web_importTFTP. This affects WAC-2004 1....

CVE-2018-11424HIGH7.5ten sam produkt

There is Memory corruption in the web interface of Moxa OnCell G3470A-LTE Series version 1.6 Build 18021314 an...