HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2024-4639

CVSS 7.1v3.1pub. 2024-06-25upd. 2025-03-10

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack of neutralized inputs in IPSec configuration. An attacker could modify the intended commands sent to target functions, which could cause malicious users to execute unauthorized commands.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
  • Moxa Oncell G3470a Lte Eu

    HW
    Moxa
    wszystkie wersje
  • Moxa Oncell G3470a Lte Eu Firmware

    OS
    Moxa
    ≤ 1.7.7
  • Moxa Oncell G3470a Lte Eu T

    HW
    Moxa
    wszystkie wersje
  • Moxa Oncell G3470a Lte Eu T Firmware

    OS
    Moxa
    ≤ 1.7.7
  • Moxa Oncell G3470a Lte Us

    HW
    Moxa
    wszystkie wersje
  • Moxa Oncell G3470a Lte Us Firmware

    OS
    Moxa
    ≤ 1.7.7
  • Moxa Oncell G3470a Lte Us T

    HW
    Moxa
    wszystkie wersje
  • Moxa Oncell G3470a Lte Us T Firmware

    OS
    Moxa
    ≤ 1.7.7
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2018-11425CRITICAL9.8ten sam produkt

Memory corruption issue was discovered in Moxa OnCell G3470A-LTE Series version 1.6 Build 18021314 and prior, ...

CVE-2024-4638HIGH7.1ten sam produkt

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack o...

CVE-2024-4640HIGH7.1ten sam produkt

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to missing ...

CVE-2021-39279HIGH8.8ten sam produkt

Certain MOXA devices allow Authenticated Command Injection via /forms/web_importTFTP. This affects WAC-2004 1....

CVE-2018-11424HIGH7.5ten sam produkt

There is Memory corruption in the web interface of Moxa OnCell G3470A-LTE Series version 1.6 Build 18021314 an...