CVE-2016-5819
Severity Score
6.1
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Moxa G3100V2 Series, editions prior to Version 2.8, and OnCell G3111/G3151/G3211/G3251 Series, editions prior to Version 1.7 allows a reflected cross-site scripting attack which may allow an attacker to execute arbitrary script code in the user’s browser within the trust relationship between their browser and the server.
Las series Moxa G3100V2, ediciones anteriores a la Versión 2.8, y OnCell G3111 / G3151 / G3211 / G3251 Series, ediciones anteriores a la Versión 1.7 permiten un ataque de secuencias de comandos en sitios cruzados que puede permitir que un atacante ejecute código de script arbitrario en el navegador del usuario relación de confianza entre su navegador y el servidor.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-06-23 CVE Reserved
- 2019-03-21 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-16-236-01 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Moxa Search vendor "Moxa" | Oncell G3100v2 Firmware Search vendor "Moxa" for product "Oncell G3100v2 Firmware" | < 2.8 Search vendor "Moxa" for product "Oncell G3100v2 Firmware" and version " < 2.8" | - |
Affected
| in | Moxa Search vendor "Moxa" | Oncell G3100v2 Search vendor "Moxa" for product "Oncell G3100v2" | - | - |
Safe
|
| Moxa Search vendor "Moxa" | Oncell G3111 Firmware Search vendor "Moxa" for product "Oncell G3111 Firmware" | < 1.7 Search vendor "Moxa" for product "Oncell G3111 Firmware" and version " < 1.7" | - |
Affected
| in | Moxa Search vendor "Moxa" | Oncell G3111 Search vendor "Moxa" for product "Oncell G3111" | - | - |
Safe
|
| Moxa Search vendor "Moxa" | Oncell G3151 Firmware Search vendor "Moxa" for product "Oncell G3151 Firmware" | < 1.7 Search vendor "Moxa" for product "Oncell G3151 Firmware" and version " < 1.7" | - |
Affected
| in | Moxa Search vendor "Moxa" | Oncell G3151 Search vendor "Moxa" for product "Oncell G3151" | - | - |
Safe
|
| Moxa Search vendor "Moxa" | Oncell G3211 Firmware Search vendor "Moxa" for product "Oncell G3211 Firmware" | < 1.7 Search vendor "Moxa" for product "Oncell G3211 Firmware" and version " < 1.7" | - |
Affected
| in | Moxa Search vendor "Moxa" | Oncell G3211 Search vendor "Moxa" for product "Oncell G3211" | - | - |
Safe
|
| Moxa Search vendor "Moxa" | Oncell G3251 Firmware Search vendor "Moxa" for product "Oncell G3251 Firmware" | < 1.7 Search vendor "Moxa" for product "Oncell G3251 Firmware" and version " < 1.7" | - |
Affected
| in | Moxa Search vendor "Moxa" | Oncell G3251 Search vendor "Moxa" for product "Oncell G3251" | - | - |
Safe
|