Vulnerabilities > CVE-2022-40691 - Unspecified vulnerability in Moxa Sds-3008-T Firmware and Sds-3008 Firmware
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
An information disclosure vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 2 | |
Hardware | 2 |
References
- https://talosintelligence.com/vulnerability_reports/TALOS-2022-1621
- https://talosintelligence.com/vulnerability_reports/TALOS-2022-1621
- https://www.moxa.com/en/support/product-support/security-advisory/sds-3008-series-multiple-web-vulnerabilities
- https://www.moxa.com/en/support/product-support/security-advisory/sds-3008-series-multiple-web-vulnerabilities
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1621