CVE-2016-9371

Name of the Vulnerable Software and Affected Versions Moxa NPort 5110 versions prior to 2.6 Moxa NPort 5130/5150 Series versions prior to 3.6 Moxa NPort 5200 Series versions prior to 2.8 Moxa NPort 5400 Series versions prior to 3.11 Moxa NPort 5600 Series versions prior to 3.7 Moxa NPort 5100A Series & NPort P5150A versions prior to 1.3 Moxa NPort 5200A Series versions prior to 1.3 Moxa NPort 5150AI-M12 Series versions prior to 1.2 Moxa NPort 5250AI-M12 Series versions prior to 1.2 Moxa NPort 5450AI-M12 Series versions prior to 1.2 Moxa NPort 5600-8-DT Series versions prior to 2.4 Moxa NPort 5600-8-DTL Series versions prior to 2.4 Moxa NPort 6x50 Series versions prior to 1.13.11 Moxa NPort IA5450A versions prior to v1.4

Description The issue is related to user-controlled input not being neutralized before being output to a web page, which can lead to CROSS-SITE SCRIPTING.

Recommendations For Moxa NPort 5110 versions prior to 2.6, update to version 2.6 or later. For Moxa NPort 5130/5150 Series versions prior to 3.6, update to version 3.6 or later. For Moxa NPort 5200 Series versions prior to 2.8, update to version 2.8 or later. For Moxa NPort 5400 Series versions prior to 3.11, update to version 3.11 or later. For Moxa NPort 5600 Series versions prior to 3.7, update to version 3.7 or later. For Moxa NPort 5100A Series & NPort P5150A versions prior to 1.3, update to version 1.3 or later. For Moxa NPort 5200A Series versions prior to 1.3, update to version 1.3 or later. For Moxa NPort 5150AI-M12 Series versions prior to 1.2, update to version 1.2 or later. For Moxa NPort 5250AI-M12 Series versions prior to 1.2, update to version 1.2 or later. For Moxa NPort 5450AI-M12 Series versions prior to 1.2, update to version 1.2 or later. For Moxa NPort 5600-8-DT Series versions prior to 2.4, update to version 2.4 or later. For Moxa NPort 5600-8-DTL Series versions prior to 2.4, update to version 2.4 or later. For Moxa NPort 6x50 Series versions prior to 1.13.11, update to version 1.13.11 or later. For Moxa NPort IA5450A versions prior to v1.4, update to version v1.4 or later.