Kaspersky Lab Advisory

(KL-MOXA-2018-101) Memory corruption

Affected Hardware/Software

Moxa OnCell G3100-HSPA Series Firmware version 1.5 Build 17042015 and prior

Severity level

Impact: Remote code execution
Access Vector: Remote
CVSS v3 Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Overall CVSS Score: 7.5
CVE ID: CVE-2018-11420
CWE ID: 190

Hardware/Software description

Moxa OnCell G3100-HSPA Series devices are industrial five-band HSPA high speed IP gateways with VPN functionality

Vulnerability description

Memory corruption in the web interface Moxa OnCell G3100-HSPA Series version 1.5 Build 17042015 and prior, a different vulnerability than CVE-2018-11423.

Mitigation

Apply firmware patch from vendor.

Credits

Vulnerability was discovered by Radu Motspan (Kaspersky Lab).

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

KL-MOXA-2018-101.md

KL-MOXA-2018-101.md

Kaspersky Lab Advisory

(KL-MOXA-2018-101) Memory corruption

Affected Hardware/Software

Severity level

Hardware/Software description

Vulnerability description

Mitigation

Credits

Files

KL-MOXA-2018-101.md

Latest commit

History

KL-MOXA-2018-101.md

File metadata and controls

Kaspersky Lab Advisory

(KL-MOXA-2018-101) Memory corruption

Affected Hardware/Software

Severity level

Hardware/Software description

Vulnerability description

Mitigation

Credits