CSRF tokens are not used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior, which makes it possible to perform CSRF attacks on the device administrator.
References
Link | Resource |
---|---|
https://github.com/klsecservices/Advisories/blob/master/KL-MOXA-2018-106.md | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-07-03T14:46:54
Updated: 2019-07-03T14:46:54
Reserved: 2018-05-24T00:00:00
Link: CVE-2018-11427
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-07-03T15:15:10.633
Modified: 2019-07-10T12:19:44.480
Link: CVE-2018-11427
JSON object: View
Redhat Information
No data.
CWE