OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack of neutralized inputs in the web key upload function. An attacker could modify the intended commands sent to target functions, which could cause malicious users to execute unauthorized commands.
History

Tue, 24 Sep 2024 17:30:00 +0000

Type Values Removed Values Added
First Time appeared Moxa
Moxa oncell G3470a-lte-eu
Moxa oncell G3470a-lte-eu-t
Moxa oncell G3470a-lte-eu-t Firmware
Moxa oncell G3470a-lte-eu Firmware
Moxa oncell G3470a-lte-us
Moxa oncell G3470a-lte-us-t
Moxa oncell G3470a-lte-us-t Firmware
Moxa oncell G3470a-lte-us Firmware
CPEs cpe:2.3:h:moxa:oncell_g3470a-lte-eu-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:oncell_g3470a-lte-eu:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:oncell_g3470a-lte-us-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:oncell_g3470a-lte-us:-:*:*:*:*:*:*:*
cpe:2.3:o:moxa:oncell_g3470a-lte-eu-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:oncell_g3470a-lte-eu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:oncell_g3470a-lte-us-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:oncell_g3470a-lte-us_firmware:*:*:*:*:*:*:*:*
Vendors & Products Moxa
Moxa oncell G3470a-lte-eu
Moxa oncell G3470a-lte-eu-t
Moxa oncell G3470a-lte-eu-t Firmware
Moxa oncell G3470a-lte-eu Firmware
Moxa oncell G3470a-lte-us
Moxa oncell G3470a-lte-us-t
Moxa oncell G3470a-lte-us-t Firmware
Moxa oncell G3470a-lte-us Firmware

cve-icon MITRE

Status: PUBLISHED

Assigner: Moxa

Published: 2024-06-25T08:49:24.910Z

Updated: 2024-08-01T20:47:41.421Z

Reserved: 2024-05-08T00:44:40.423Z

Link: CVE-2024-4638

cve-icon Vulnrichment

Updated: 2024-08-01T20:47:41.421Z

cve-icon NVD

Status : Modified

Published: 2024-06-25T09:15:57.413

Modified: 2024-11-21T09:43:15.817

Link: CVE-2024-4638

cve-icon Redhat

No data.