CVE-2015-6480 – Moxa OnCell Central Manager Server MessageBrokerServlet Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2015-6480
The MessageBrokerServlet servlet in Moxa OnCell Central Manager before 2.2 does not require authentication, which allows remote attackers to obtain administrative access via a command, as demonstrated by the addUserAndGroup action. El servlet MessageBrokerServlet en Moxa OnCell Central Manager en versiones anteriores a 2.2 no requiere autenticación, lo que permite a atacantes remotos obtener acceso administrativo a través de un comando, según lo demostrado por la acción addUserAndGroup. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Moxa OnCell Central Manager Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MessageBrokerServlet servlet, which does not ensure a user is authenticated prior to accepting commands. An attacker can exploit this condition to perform various actions, including addUserAndGroup, to take full control of the product and achieve code execution on all managed hosts. • http://zerodayinitiative.com/advisories/ZDI-15-452 https://ics-cert.us-cert.gov/advisories/ICSA-15-328-01 • CWE-287: Improper Authentication •
CVE-2015-6481 – Moxa OnCell Central Manager Server RequestController Static Credentials Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-6481
The login function in the RequestController class in Moxa OnCell Central Manager before 2.2 has a hardcoded root password, which allows remote attackers to obtain administrative access via a login session. La función de inicio de sesión en la clase RequestController en Moxa OnCell Central Manager en versiones anteriores a 2.2 tiene una contraseña de root embebida, lo que permite a atacantes remotos obtener acceso administrativo a través de un inicio de sesión. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Moxa OnCell Central Manager Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RequestController class. The specific flaw exists within the login() function which contains hard-coded credentials. • http://zerodayinitiative.com/advisories/ZDI-15-453 https://ics-cert.us-cert.gov/advisories/ICSA-15-328-01 •