Cross-Site Request Forgery Vulnerability in Moxa NPort Products
CVE-2016-9365

8.8HIGH

Key Information:

Vendor

Moxa
Status
Moxa Nport
Vendor
CVE Published:
13 February 2017

What is CVE-2016-9365?

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in multiple Moxa NPort products. This vulnerability allows an attacker to send unauthorized requests from users who have authenticated to these devices, potentially compromising their security and integrity. Affected versions include various models of the NPort series prior to their respective updates, making it crucial for users to upgrade to the latest versions to mitigate this risk.

Affected Version(s)

Moxa NPort Moxa NPort

References

https://ics-cert.us-cert.gov/advisories/ICSA-16-336-02
x_refsource_MISC
http://www.securityfocus.com/bid/85965
vdb-entryx_refsource_BID

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.