PT-2016-5088 · Moxa · Miineport E2 1242+4
Karn Ganeshen
·
Publicado
2016-05-31
·
Atualizado
2016-11-30
·
CVE-2016-2285
CVSS v3.1
8.8
Alta
| Vetor | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Moxa MiiNePort E1 4641 version 1.1.10 Build 09120714
Moxa MiiNePort E1 7080 version 1.1.10 Build 09120714
Moxa MiiNePort E2 1242 version 1.1 Build 10080614
Moxa MiiNePort E2 4561 version 1.1 Build 10080614
Moxa MiiNePort E3 version 1.0 Build 11071409
Description
A cross-site request forgery (CSRF) issue allows remote attackers to hijack the authentication of arbitrary users. This can be exploited by tricking a user into performing unintended actions on the web application.
Recommendations
For Moxa MiiNePort E1 4641 version 1.1.10 Build 09120714, update the firmware to a version that addresses the CSRF vulnerability.
For Moxa MiiNePort E1 7080 version 1.1.10 Build 09120714, update the firmware to a version that addresses the CSRF vulnerability.
For Moxa MiiNePort E2 1242 version 1.1 Build 10080614, update the firmware to a version that addresses the CSRF vulnerability.
For Moxa MiiNePort E2 4561 version 1.1 Build 10080614, update the firmware to a version that addresses the CSRF vulnerability.
For Moxa MiiNePort E3 version 1.0 Build 11071409, update the firmware to a version that addresses the CSRF vulnerability.
Correção
CSRF
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Miineport E3
Miineport E1 4641
Miineport E1 7080
Miineport E2 1242
Miineport E2 4561