CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-30276
https://notcve.org/view.php?id=CVE-2022-30276
26 Jul 2022 — The Motorola MOSCAD and ACE line of RTUs through 2022-05-02 omit an authentication requirement. They feature IP Gateway modules which allow for interfacing between Motorola Data Link Communication (MDLC) networks (potentially over a variety of serial, RF and/or Ethernet links) and TCP/IP networks. Communication with RTUs behind the gateway is done by means of the proprietary IPGW protocol (5001/TCP). This protocol does not have any authentication features, allowing any attacker capable of communicating with... • https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-04 • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-7935
https://notcve.org/view.php?id=CVE-2015-7935
23 Dec 2015 — Motorola Solutions MOSCAD IP Gateway allows remote attackers to read arbitrary files via unspecified vectors. Motorola Solutions MOSCAD IP Gateway permite a atacantes remotos leer archivos arbitrarios a través de vectores no especificados. • http://www.securityfocus.com/bid/79624 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-7936
https://notcve.org/view.php?id=CVE-2015-7936
23 Dec 2015 — Cross-site request forgery (CSRF) vulnerability in Motorola Solutions MOSCAD IP Gateway allows remote attackers to hijack the authentication of administrators for requests that modify a password. Vulnerabilidad de CSRF en Motorola Solutions MOSCAD IP Gateway permite a atacantes remotos secuestrar la autenticación de administradores para peticiones que modifican una contraseña. • http://www.securityfocus.com/bid/79624 • CWE-352: Cross-Site Request Forgery (CSRF) •