CVE-2020-25198

Name of the Vulnerable Software and Affected Versions MOXA NPort IAW5000A-I/O firmware versions 2.1 or lower

Description The issue concerns the built-in WEB server, which has incorrectly implemented protections from session fixation. This may allow an attacker to gain access to a session and hijack it by stealing the user's cookies.

Recommendations For MOXA NPort IAW5000A-I/O firmware versions 2.1 or lower, update to a version higher than 2.1 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.