CVE-2025-1679
Description
A cross-site scripting vulnerability has been identified in Moxa’s Ethernet switches. It allows an authenticated administrative attacker to inject malicious scripts into an affected device’s web service, which could impact authenticated users interacting with the device’s web interface. This vulnerability is classified as stored cross-site scripting (XSS); attackers inject malicious scripts into the system, and the scripts persist across sessions. There is no impact on the confidentiality, integrity, or availability of the affected device and no loss of availability within any subsequent systems, but there is some loss of confidentiality and integrity within the subsequent system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An authenticated admin can inject persistent XSS into Moxa Ethernet switch web interfaces, affecting other authenticated users.
Vulnerability Overview
CVE-2025-1679 is a stored cross-site scripting (XSS) vulnerability in Moxa's Ethernet switches. An authenticated attacker with administrative privileges can inject malicious scripts into the device's web service. These scripts persist across sessions, meaning they are stored on the device and executed whenever other authenticated users interact with the affected web interface [1].
Exploitation and Attack Surface
The attack requires administrative access to the device's web interface. Once authenticated, the attacker injects the malicious script through a vulnerable input field. The script is then stored and served to other authenticated users who visit the affected page. No user interaction beyond normal browsing is needed for the stored script to execute [1].
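The stored-XSS pattern described above, as an added example that is not code from Moxa or its advisory: a stored, admin-editable value is rendered into a page once without encoding and once with HTML encoding, and an audit helper flags stored values that contain HTML-significant characters. The field names, sample values and function names are all constructed for illustration.

```javascript
// Constructed sample of stored, admin-editable settings (hypothetical field names).
const storedSettings = {
  systemName: "switch-floor2",
  location: "Rack 4 <script>alert(1)</script>",
  contact: "ops@example.com",
  description: 'Uplink "A" spare',
};

// HTML-significant characters and their entity encodings.
const HTML_ENTITIES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#39;",
};

// Encode a value for use in HTML element content or a quoted attribute.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Vulnerable pattern: the stored value is concatenated into markup unchanged,
// so any tag it contains is parsed by every browser that loads the page.
function renderRowUnsafe(label, value) {
  return `<tr><th>${label}</th><td>${value}</td></tr>`;
}

// Hardened pattern: the stored value is encoded at output time and stays text.
function renderRowSafe(label, value) {
  return `<tr><th>${escapeHtml(label)}</th><td>${escapeHtml(value)}</td></tr>`;
}

// Audit helper: list stored fields whose value could open a tag or break out
// of a quoted attribute, so they can be reviewed after an upgrade or incident.
function auditStoredFields(settings) {
  const findings = [];
  for (const [field, value] of Object.entries(settings)) {
    const matches = String(value).match(/[<>"']/g);
    if (matches) findings.push({ field, chars: [...new Set(matches)].join("") });
  }
  return findings;
}
```

A flagged field is a review item rather than proof of injection: the constructed `description` value is flagged only because it contains quotation marks.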
Impact
Successful exploitation leads to a loss of confidentiality and integrity for the subsequent system (the browser of the victim user). The attacker can perform actions such as session hijacking, defacement, or redirection to malicious sites. The advisory explicitly states there is no impact to the confidentiality, integrity, or availability of the affected device itself, nor any loss of availability in subsequent systems [1].
Mitigation
Moxa has released a security advisory (MPSA-257421) with details on affected products and firmware updates. Users are advised to evaluate their environment and apply the recommended updates to remediate the vulnerability [1].
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 1
Patches: 0
No patches discovered yet.
References: 2
News mentions: 0
No linked articles in our index yet.