CVE-2018-5453
Severity Score
7.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
An Improper Handling of Length Parameter Inconsistency issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. An attacker may be able to edit the element of an HTTP request, causing the device to become unavailable.
Se ha descubierto un problema de gestión incorrecta de inconsistencia de parámetro length en Moxa OnCell G3100-HSPA Series en versiones 1.4 Build 16062919 y anteriores. Un atacante podría ser capaz de editar el elemento de una petición HTTP, lo que provoca que el dispositivo no esté disponible.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-01-12 CVE Reserved
- 2018-03-05 CVE Published
- 2024-01-13 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-130: Improper Handling of Length Parameter Inconsistency
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-18-060-02 | 2019-10-09 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Moxa Search vendor "Moxa" | Oncell G3110-hspa Firmware Search vendor "Moxa" for product "Oncell G3110-hspa Firmware" | <= 1.4 Search vendor "Moxa" for product "Oncell G3110-hspa Firmware" and version " <= 1.4" | - |
Affected
| in | Moxa Search vendor "Moxa" | Oncell G3110-hspa Search vendor "Moxa" for product "Oncell G3110-hspa" | - | - |
Safe
|
| Moxa Search vendor "Moxa" | Oncell G3110-hspa-t Firmware Search vendor "Moxa" for product "Oncell G3110-hspa-t Firmware" | <= 1.4 Search vendor "Moxa" for product "Oncell G3110-hspa-t Firmware" and version " <= 1.4" | - |
Affected
| in | Moxa Search vendor "Moxa" | Oncell G3110-hspa-t Search vendor "Moxa" for product "Oncell G3110-hspa-t" | - | - |
Safe
|
| Moxa Search vendor "Moxa" | Oncell G3150-hspa Firmware Search vendor "Moxa" for product "Oncell G3150-hspa Firmware" | <= 1.4 Search vendor "Moxa" for product "Oncell G3150-hspa Firmware" and version " <= 1.4" | - |
Affected
| in | Moxa Search vendor "Moxa" | Oncell G3150-hspa Search vendor "Moxa" for product "Oncell G3150-hspa" | - | - |
Safe
|
| Moxa Search vendor "Moxa" | Oncell G3150-hspa-t Firmware Search vendor "Moxa" for product "Oncell G3150-hspa-t Firmware" | <= 1.4 Search vendor "Moxa" for product "Oncell G3150-hspa-t Firmware" and version " <= 1.4" | - |
Affected
| in | Moxa Search vendor "Moxa" | Oncell G3150-hspa-t Search vendor "Moxa" for product "Oncell G3150-hspa-t" | - | - |
Safe
|