N/A

An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4. Requests are not verified to be intentionally submitted by the proper user (CROSS-SITE REQUEST FORGERY).

N/A

N/A

多款Moxa Nport产品跨站请求伪造漏洞

Moxa NPort P5150A等都是摩莎（Moxa）公司的用于将工业串口设备连上网络的串口通讯服务器。 多款Moxa Nport产品中存在跨站请求伪造漏洞。攻击者可通过发送特制的请求利用该漏洞执行未授权操作。以下版本受到影响：NPort 5110 2.6之前的版本；NPort 5130/5150系列 3.6之前的版本；NPort 5200系列 2.8之前的版本；NPort 5400系列 3.11之前的版本；NPort 5600系列 3.7之前的版本；NPort 5100A系列 1.3之前的版本和NPo

N/A

N/A