ГлавнаяУязвимости → CVE-2024-4638
7.1высокая

CVE-2024-4638

Описание

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack of neutralized inputs in the web key upload function. An attacker could modify the intended commands sent to target functions, which could cause malicious users to execute unauthorized commands.

Затрагиваемое ПО
Moxa Oncell g3470a-lte-eu-t firmwareMoxa Oncell g3470a-lte-eu-tMoxa Oncell g3470a-lte-eu firmwareMoxa Oncell g3470a-lte-euMoxa Oncell g3470a-lte-us firmwareMoxa Oncell g3470a-lte-usMoxa Oncell g3470a-lte-us-t firmwareMoxa Oncell g3470a-lte-us-t
CVSS
Балл7.1 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Источники
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-242550-oncell-g3470a-lte-series-multiple-web-application-vulnerabilitieshttps://www.moxa.com/en/support/product-support/security-advisory/mpsa-242550-oncell-g3470a-lte-series-multiple-web-application-vulnerabilities