Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
MOXA NPort IAW5000A-I/O Series
Vulnerability Description
The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower has incorrectly implemented protections from session fixation, which may allow an attacker to gain access to a session and hijack it by stealing the user’s cookies.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
会话固定
Vulnerability Title
MOXA NPort IAW5000A-I/O Series 授权问题漏洞
Vulnerability Description
MOXA NPort IAW5000A-I/O Series是中国台湾摩莎(MOXA)公司的一款工业环境下使用的无线设备服务器。该服务器可实现现场串口设备与无线以太网络相集成,并且融合了数字IO,适用于工业数据采集应用。 MOXA NPort IAW5000A-I/O Series 存在授权问题漏洞。目前尚无此漏洞的相关信息,请随时关注CNNVD或厂商公告。
CVSS Information
N/A
Vulnerability Type
N/A