VYPR

OnCell G3470A-LTE Series

by Moxa

CVEs (9)

  • CVE-2024-4641Jun 25, 2024
    risk 0.00cvss epss 0.00

    OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to accepting a format string from an external source as an argument. An attacker could modify an externally controlled format string to cause a memory leak and denial of service.

  • CVE-2024-4640Jun 25, 2024
    risk 0.00cvss epss 0.00

    OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to missing bounds checking on buffer operations. An attacker could write past the boundaries of allocated buffer regions in memory, causing a program crash.

  • CVE-2024-4639Jun 25, 2024
    risk 0.00cvss epss 0.00

    OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack of neutralized inputs in IPSec configuration. An attacker could modify the intended commands sent to target functions, which could cause malicious users to execute…

  • CVE-2024-4638Jun 25, 2024
    risk 0.00cvss epss 0.00

    OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack of neutralized inputs in the web key upload function. An attacker could modify the intended commands sent to target functions, which could cause malicious users to…

  • CVE-2023-6094Dec 31, 2023
    risk 0.00cvss epss 0.00

    A vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior. The vulnerability results from lack of protection for sensitive information during transmission. An attacker eavesdropping on the traffic between the web browser and server may…

  • CVE-2023-6093Dec 31, 2023
    risk 0.00cvss epss 0.00

    A clickjacking vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior. This vulnerability is caused by incorrectly restricts frame objects, which can lead to user confusion about which interface the user is interacting with. This…

  • CVE-2021-39279Sep 7, 2021
    risk 0.00cvss epss 0.05

    Certain MOXA devices allow Authenticated Command Injection via /forms/web_importTFTP. This affects WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, OnCell G3470A-LTE-EU-T 1.7, TAP-323-EU-CT-T 1.3, TAP-323-US-CT-T 1.3, TAP-323-JP-CT-T 1.3, WDR-3124A-EU 2.3,…

  • CVE-2018-11424Jul 3, 2019
    risk 0.00cvss epss 0.01

    There is Memory corruption in the web interface of Moxa OnCell G3470A-LTE Series version 1.6 Build 18021314 and prior, a different vulnerability than CVE-2018-11425.

  • CVE-2018-11425Jul 3, 2019
    risk 0.00cvss epss 0.02

    Memory corruption issue was discovered in Moxa OnCell G3470A-LTE Series version 1.6 Build 18021314 and prior, a different vulnerability than CVE-2018-11424.