High severity8.8NVD Advisory· Published May 31, 2016· Updated May 6, 2026

CVE-2016-2285

Description

Cross-site request forgery (CSRF) vulnerability on Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 allows remote attackers to hijack the authentication of arbitrary users.

Affected products

Moxa/Miineport E2 1242 Firmware
cpe:2.3:o:moxa:miineport_e2_1242_firmware:1.1:*:*:*:*:*:*:*
Moxa/Miineport E2 4561 Firmware
cpe:2.3:o:moxa:miineport_e2_4561_firmware:1.1:*:*:*:*:*:*:*
Moxa/Miineport E1 7080 Firmware
cpe:2.3:o:moxa:miineport_e1_7080_firmware:1.1.10:*:*:*:*:*:*:*
Moxa/Miineport E3 Firmware
cpe:2.3:o:moxa:miineport_e3_firmware:1.0:*:*:*:*:*:*:*
Moxa/Miineport E1 4641 Firmware
cpe:2.3:o:moxa:miineport_e1_4641_firmware:1.1.10:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

ics-cert.us-cert.gov/advisories/ICSA-16-145-01nvdThird Party AdvisoryUS Government Resource
seclists.org/fulldisclosure/2016/May/7nvd

News mentions

No linked articles in our index yet.

cvss	0.572
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000