MOXA NPort IAW5000A-I/O Series
Description
Session fixation in MOXA NPort IAW5000A-I/O web server (firmware ≤2.1) allows attackers to hijack user sessions by stealing cookies.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
The built-in web server in MOXA NPort IAW5000A-I/O firmware version 2.1 or lower suffers from session fixation (CWE-384). The server incorrectly implements protections against session fixation, allowing an attacker to set a predetermined session ID and later hijack the session by stealing the user's cookies [1].
Exploitation
An attacker can exploit this vulnerability remotely with low skill level. The attacker must trick a user into authenticating with a session ID controlled by the attacker, then steal the user's cookies to hijack the session. No authentication is required for the initial attack, but user interaction is needed [1].
Impact
Successful exploitation allows the attacker to gain access to and hijack the user's session, leading to high confidentiality, integrity, and availability impact. The CVSS v3 base score is 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) [1].
Mitigation
Not yet disclosed in the available references. Users should monitor the vendor's security advisories for firmware updates or workarounds [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- (no CPE) range: <=2.1
- (no CPE) range: unspecified
Patches
No patches discovered yet.
References
- [1] us-cert.cisa.gov/ics/advisories/icsa-20-287-01 (mitre, x_refsource_MISC)