Host Header Injection Vulnerability in Moxa Ethernet Switches
CVE-2025-1680

NONE

Key Information:

Vendor: Moxa
Status: Tn-4500a Series; Tn-5500a Series; Tn-g4500 Series; Tn-g6500 Series
Vendor: CVE Published:; 23 October 2025

What is CVE-2025-1680?

A significant vulnerability has been identified in Moxa's Ethernet switches, allowing attackers with administrative privileges to inject specially crafted Host headers into HTTP requests. This type of Host Header Injection can lead to various security risks, including the potential for redirecting users, forging links, or facilitating phishing attacks. While the vulnerability does not compromise the confidentiality, integrity, or availability of the device itself or related systems, it poses a serious risk for user interactions with web services. Organizations utilizing Moxa Ethernet switches should take immediate action to implement mitigations against this vulnerability.

Affected Version(s)

TN-4500A Series 1.0 <= 3.13

TN-5500A Series 1.0 <= 3.13

TN-G4500 Series 1.0 <= 5.5

References

https://www.moxa.com/en/support/product-support/security-...

vendor-advisory

https://www.hackrtu.com/blog/cg-technical-en-003/

technical-description

CVSS V4

Score:

Severity:

NONE

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 23, 2025
Vulnerability Reserved
Feb 25, 2025

Credit

Aarón Flecha Menéndez

Víctor Bello Cuevas

JSON