CVE-2017-13700
Description
An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. There is XSS in the administration interface.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
XSS vulnerability in MOXA EDS-G512E switch admin interface firmware 5.1 build 16072215 allows script injection.
Vulnerability
Cross-site scripting (XSS) exists in the administration interface of MOXA EDS-G512E switches running firmware version 5.1 build 16072215 [1]. The vulnerability allows an attacker to inject arbitrary JavaScript code into the interface.
Exploitation
An attacker can exploit this XSS by tricking an authenticated administrator into clicking a crafted link or visiting a malicious page while logged into the switch's web interface. No authentication is required for the initial injection, but the attack targets an admin session.
Impact
Successful exploitation enables the attacker to execute JavaScript in the context of the administrator's session, potentially leading to session hijacking, credential theft, or unauthorized configuration changes.
Mitigation
As of the publication date (2017-11-17), no official fix or workaround was disclosed in the available reference [1]. Users are advised to contact MOXA for firmware updates or restrict access to the administration interface.
AI Insight generated on May 22, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.sentryo.net/fr/sentryo-analyse-switch-industriel/nvdThird Party Advisory
News mentions
0No linked articles in our index yet.