CVE-2015-6466
https://notcve.org/view.php?id=CVE-2015-6466
Cross-site scripting (XSS) vulnerability in the Diagnosis Ping feature in the administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote attackers to inject arbitrary web script or HTML via an unspecified field. Vulnerabilidad de XSS en la funcionalidad Diagnosis Ping en la interfaz web administrativa en switches Moxa EDS-405A y EDS-408A con firmware anterior a 3.6, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de un campo no especificado. • http://www.moxa.com/support/download.aspx?type=support&id=328 https://ics-cert.us-cert.gov/advisories/ICSA-15-246-03 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2015-6465
https://notcve.org/view.php?id=CVE-2015-6465
The GoAhead web server on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to cause a denial of service (reboot) via a crafted URL. Vulnerabilidad en el servidor web GoAhead en switches Moxa EDS-405A y EDS-408A con firmware anterior a 3.6, permite a usuarios remotos autenticados causar una denegación de servicio (reinicio) a través de una URL manipulada. • http://www.moxa.com/support/download.aspx?type=support&id=328 http://www.securitytracker.com/id/1033543 https://ics-cert.us-cert.gov/advisories/ICSA-15-246-03 •
CVE-2015-6464
https://notcve.org/view.php?id=CVE-2015-6464
The administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to bypass a read-only protection mechanism by using Firefox with a web-developer plugin. Vulnerabilidad en la interfaz web administrativa en switches Moxa EDS-405A y EDS-408A con firmware anterior a 3.6, permite a usuarios remotos autenticados eludir un mecanismo de protección de solo lectura utilizando Firefox con un plugin de desarrollador web. • http://www.moxa.com/support/download.aspx?type=support&id=328 https://ics-cert.us-cert.gov/advisories/ICSA-15-246-03 •