CVE-2017-7917

Summary

A Cross-Site Request Forgery issue was discovered in Moxa OnCell G3110-HSPA Version 1.3 build 15082117 and previous versions, OnCell G3110-HSDPA Version 1.2 Build 09123015 and previous versions, OnCell G3150-HSDPA Version 1.4 Build 11051315 and previous versions, OnCell 5104-HSDPA, OnCell 5104-HSPA, and OnCell 5004-HSPA. The application does not sufficiently verify if a request was intentionally provided by the user who submitted the request, which could allow an attacker to modify the configuration of the device.

Affected Software

VendorProductVersion RangeStatus
n/aMoxa OnCellMoxa OnCellaffected

Weaknesses

  • CWE-352: CWE-352

ADP Enrichment

CVE Program Container

Additional References

References