Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Oncell_g3470a\-Lte\-Eu_firmware
(Moxa)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 8 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2024-06-25 | CVE-2024-4639 | OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack of neutralized inputs in IPSec configuration. An attacker could modify the intended commands sent to target functions, which could cause malicious users to execute unauthorized commands. | Oncell_g3470a\-Lte\-Eu\-T_firmware, Oncell_g3470a\-Lte\-Eu_firmware, Oncell_g3470a\-Lte\-Us\-T_firmware, Oncell_g3470a\-Lte\-Us_firmware | 8.8 | ||
2024-06-25 | CVE-2024-4638 | OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack of neutralized inputs in the web key upload function. An attacker could modify the intended commands sent to target functions, which could cause malicious users to execute unauthorized commands. | Oncell_g3470a\-Lte\-Eu\-T_firmware, Oncell_g3470a\-Lte\-Eu_firmware, Oncell_g3470a\-Lte\-Us\-T_firmware, Oncell_g3470a\-Lte\-Us_firmware | 8.8 | ||
2024-06-25 | CVE-2024-4640 | OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to missing bounds checking on buffer operations. An attacker could write past the boundaries of allocated buffer regions in memory, causing a program crash. | Oncell_g3470a\-Lte\-Eu\-T_firmware, Oncell_g3470a\-Lte\-Eu_firmware, Oncell_g3470a\-Lte\-Us\-T_firmware, Oncell_g3470a\-Lte\-Us_firmware | 8.2 | ||
2024-06-25 | CVE-2024-4641 | OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to accepting a format string from an external source as an argument. An attacker could modify an externally controlled format string to cause a memory leak and denial of service. | Oncell_g3470a\-Lte\-Eu\-T_firmware, Oncell_g3470a\-Lte\-Eu_firmware, Oncell_g3470a\-Lte\-Us\-T_firmware, Oncell_g3470a\-Lte\-Us_firmware | 9.8 | ||
2021-09-07 | CVE-2021-39278 | Certain MOXA devices allow reflected XSS via the Config Import menu. This affects WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, OnCell G3470A-LTE-EU-T 1.7, TAP-323-EU-CT-T 1.3, TAP-323-US-CT-T 1.3, TAP-323-JP-CT-T 1.3, WDR-3124A-EU 2.3, WDR-3124A-EU-T 2.3, WDR-3124A-US 2.3, and WDR-3124A-US-T 2.3. | Oncell_g3470a\-Lte\-Eu\-T_firmware, Oncell_g3470a\-Lte\-Eu_firmware, Tap\-323\-Eu\-Ct\-T_firmware, Tap\-323\-Jp\-Ct\-T_firmware, Tap\-323\-Us\-Ct\-T_firmware, Wac\-1001\-T_firmware, Wac\-1001_firmware, Wac\-2004_firmware, Wdr\-3124a\-Eu\-T_firmware, Wdr\-3124a\-Eu_firmware, Wdr\-3124a\-Us\-T_firmware, Wdr\-3124a\-Us_firmware | 6.1 | ||
2021-09-07 | CVE-2021-39279 | Certain MOXA devices allow Authenticated Command Injection via /forms/web_importTFTP. This affects WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, OnCell G3470A-LTE-EU-T 1.7, TAP-323-EU-CT-T 1.3, TAP-323-US-CT-T 1.3, TAP-323-JP-CT-T 1.3, WDR-3124A-EU 2.3, WDR-3124A-EU-T 2.3, WDR-3124A-US 2.3, and WDR-3124A-US-T 2.3. | Oncell_g3470a\-Lte\-Eu\-T_firmware, Oncell_g3470a\-Lte\-Eu_firmware, Tap\-323\-Eu\-Ct\-T_firmware, Tap\-323\-Jp\-Ct\-T_firmware, Tap\-323\-Us\-Ct\-T_firmware, Wac\-1001\-T_firmware, Wac\-1001_firmware, Wac\-2004_firmware, Wdr\-3124a\-Eu\-T_firmware, Wdr\-3124a\-Eu_firmware, Wdr\-3124a\-Us\-T_firmware, Wdr\-3124a\-Us_firmware | 8.8 | ||
2019-07-03 | CVE-2018-11424 | There is Memory corruption in the web interface of Moxa OnCell G3470A-LTE Series version 1.6 Build 18021314 and prior, a different vulnerability than CVE-2018-11425. | Oncell_g3470a\-Lte\-Eu\-T_firmware, Oncell_g3470a\-Lte\-Eu_firmware, Oncell_g3470a\-Lte\-Us\-T_firmware, Oncell_g3470a\-Lte\-Us_firmware | 7.5 | ||
2019-07-03 | CVE-2018-11425 | Memory corruption issue was discovered in Moxa OnCell G3470A-LTE Series version 1.6 Build 18021314 and prior, a different vulnerability than CVE-2018-11424. | Oncell_g3470a\-Lte\-Eu\-T_firmware, Oncell_g3470a\-Lte\-Eu_firmware, Oncell_g3470a\-Lte\-Us\-T_firmware, Oncell_g3470a\-Lte\-Us_firmware | 9.8 |