cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-4641,https://securityvulnerability.io/vulnerability/CVE-2024-4641,OnCell G3470A-LTE Series Firmware Vulnerability,"The OnCell G3470A-LTE Series firmware, particularly versions v1.7.7 and earlier, suffers from a vulnerability due to the improper handling of format strings from external sources. This flaw allows attackers to exploit the system by modifying an externally controlled format string, potentially leading to serious consequences such as memory leaks and subsequent denial of service. Users of affected firmware are recommended to review their systems and apply necessary updates to mitigate the risks associated with this vulnerability.",Moxa,Oncell G3150a-lte Series,9.8,CRITICAL,0.000910000002477318,false,,false,false,false,,,false,false,,2024-06-25T09:23:30.502Z,0
CVE-2024-4640,https://securityvulnerability.io/vulnerability/CVE-2024-4640,Buffer Overflow Vulnerability Affects OnCell G3470A-LTE Series Firmware,"The OnCell G3470A-LTE Series firmware, specifically versions v1.7.7 and prior, has been found to have a vulnerability due to inadequate bounds checking on buffer operations. This oversight allows an attacker to potentially write beyond the limits of allocated buffer regions in memory, which could lead to unexpected program behavior and instability, such as crashes. Organizations utilizing this firmware should be aware of the implications of this vulnerability and take appropriate measures to protect their systems.",Moxa,Oncell G3150a-lte Series,8.2,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-06-25T09:19:08.712Z,0
CVE-2024-4639,https://securityvulnerability.io/vulnerability/CVE-2024-4639,Unauthorized Command Execution Vulnerability in OnCell G3470A-LTE Series Firmware,"The OnCell G3470A-LTE Series from Moxa has a vulnerability stemming from improper handling of user inputs in its IPSec configuration. This oversight allows attackers to manipulate commands sent to critical functions within the device. By exploiting this flaw, malicious actors can execute commands that the device administrator did not intend, potentially compromising the integrity and security of the network environment. Users are advised to update to secure firmware versions to mitigate risks associated with this vulnerability.",Moxa,Oncell G3150a-lte Series,8.8,HIGH,0.0004900000058114529,false,,false,false,false,,,false,false,,2024-06-25T09:15:03.229Z,0
CVE-2023-6093,https://securityvulnerability.io/vulnerability/CVE-2023-6093,OnCell G3150A-LTE Series: Clickjacking Vulnerability,"A clickjacking vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior.  This vulnerability is caused by incorrectly restricts frame objects, which can lead to user confusion about which interface the user is interacting with. This vulnerability may lead the attacker to trick the user into interacting with the application.

",Moxa,OnCell G3150A-LTE Series,5.3,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2023-12-31T10:15:00.000Z,0
CVE-2023-6094,https://securityvulnerability.io/vulnerability/CVE-2023-6094,OnCell G3150A-LTE Series: Web Server Transmits Cleartext Credentials,"A vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior. The vulnerability results from lack of protection for sensitive information during transmission. An attacker eavesdropping on the traffic between the web browser and server may obtain sensitive information. This type of attack could be executed to gather sensitive information or to facilitate a subsequent attack against the target.

",Moxa,Oncell G3150a-lte Series,5.3,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2023-12-31T10:15:00.000Z,0