Vulnerabilities > Moxa > Oncell G3470A LTE EU Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-07 | CVE-2021-39278 | Cross-site Scripting vulnerability in Moxa products Certain MOXA devices allow reflected XSS via the Config Import menu. | 4.3 |
| 2021-09-07 | CVE-2021-39279 | OS Command Injection vulnerability in Moxa products Certain MOXA devices allow Authenticated Command Injection via /forms/web_importTFTP. | 9.0 |
| 2019-07-03 | CVE-2018-11425 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Moxa products Memory corruption issue was discovered in Moxa OnCell G3470A-LTE Series version 1.6 Build 18021314 and prior, a different vulnerability than CVE-2018-11424. | 7.5 |
| 2019-07-03 | CVE-2018-11424 | Out-of-bounds Write vulnerability in Moxa products There is Memory corruption in the web interface of Moxa OnCell G3470A-LTE Series version 1.6 Build 18021314 and prior, a different vulnerability than CVE-2018-11425. | 7.8 |