CVE-2018-11427

Name of the Vulnerable Software and Affected Versions Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior

Description The issue is related to the absence of CSRF tokens in the web application, which allows for CSRF attacks on the device administrator. This can be exploited by a remote attacker to perform intersite request forgery. The estimated number of potentially affected devices worldwide is not specified.

Recommendations For Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior, consider implementing CSRF token validation to prevent CSRF attacks. As a temporary workaround, restrict access to the web application to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.