PT-2021-7481 · Moxa · Moxa Oncell G3470A-Lte+6
Published
2021-12-30
·
Updated
2021-12-30
·
CVE-2021-37758
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Moxa OnCell G3150A-LTE, OnCell G3470A-LTE, and WDR-3124A (affected versions not specified)
Moxa AWK-3131A, AWK-4131A, AWK-1131A, and AWK-1137C (affected versions not specified)
Description
The issue is related to incorrect cryptographic signature verification in the firmware of certain Moxa industrial LTE modems and wireless access points. This could allow an attacker to perform cross-site scripting attacks.
Recommendations
For Moxa OnCell G3150A-LTE, OnCell G3470A-LTE, and WDR-3124A, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
For Moxa AWK-3131A, AWK-4131A, AWK-1131A, and AWK-1137C, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Verification of Cryptographic Signature
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Moxa Awk-1131A
Moxa Awk-1137C
Moxa Awk-3131A
Moxa Awk-4131A
Moxa Oncell G3150A-Lte
Moxa Oncell G3470A-Lte
Moxa Wdr-3124A