CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-6094 – OnCell G3150A-LTE Series: Web Server Transmits Cleartext Credentials
https://notcve.org/view.php?id=CVE-2023-6094
A vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior. The vulnerability results from lack of protection for sensitive information during transmission. An attacker eavesdropping on the traffic between the web browser and server may obtain sensitive information. This type of attack could be executed to gather sensitive information or to facilitate a subsequent attack against the target. Se ha identificado una vulnerabilidad en las versiones de firmware de la serie OnCell G3150A-LTE v1.3 y anteriores. • https://www.moxa.com/en/support/product-support/security-advisory/oncell-g3150a-lte-series-multiple-web-application-vulnerabilities-and-security-enhancement • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-6093 – OnCell G3150A-LTE Series: Clickjacking Vulnerability
https://notcve.org/view.php?id=CVE-2023-6093
A clickjacking vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior. This vulnerability is caused by incorrectly restricts frame objects, which can lead to user confusion about which interface the user is interacting with. This vulnerability may lead the attacker to trick the user into interacting with the application. Se ha identificado una vulnerabilidad en las versiones de firmware de la serie OnCell G3150A-LTE v1.3 y anteriores. La vulnerabilidad es el resultado de restringir incorrectamente los objetos del frame, lo que genera confusión en el usuario sobre con qué interfaz está interactuando. • https://www.moxa.com/en/support/product-support/security-advisory/oncell-g3150a-lte-series-multiple-web-application-vulnerabilities-and-security-enhancement • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •