Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A predictable mechanism of generating tokens allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款Moxa产品跨站请求伪造漏洞
Vulnerability Description
Moxa MGate MB3170等都是中国台湾摩莎(Moxa)公司的产品。Moxa MGate MB3170是一款MB3170系列以太网网关产品。Moxa MGate MB3270是一款MB3270系列以太网网关产品。Moxa MGate MB3280是一款MB3280系列以太网网关产品。 多款Moxa产品中存在跨站请求伪造漏洞,该漏洞源于程序使用了较弱的令牌生成机制。远程攻击者可利用该漏洞绕过跨站请求伪造保护机制,执行未授权的操作。以下产品及版本受到影响:使用4.0及之前版本固件的Moxa MB317
CVSS Information
N/A
Vulnerability Type
N/A