CVE-2018-5455

Name of the Vulnerable Software and Affected Versions Moxa OnCell G3100-HSPA Series versions 1.4 Build 16062919 and prior

Description A Reliance on Cookies without Validation and Integrity Checking issue allows an attacker to bypass authentication by performing a brute force attack on a cookie parameter that can consist of only digits, gaining access to device functions.

Recommendations For Moxa OnCell G3100-HSPA Series versions 1.4 Build 16062919 and prior, consider restricting access to the device until a fix is available, and avoid using the cookie parameter for authentication purposes. At the moment, there is no information about a newer version that contains a fix for this vulnerability.