Vulnerabilities > Moxa > Oncell G3470A LTE US T Firmware

DATE CVE VULNERABILITY TITLE RISK
2024-06-25 CVE-2024-4639 Command Injection vulnerability in Moxa products
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack of neutralized inputs in IPSec configuration.
network
low complexity
moxa CWE-77
8.8
2024-06-25 CVE-2024-4640 Classic Buffer Overflow vulnerability in Moxa products
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to missing bounds checking on buffer operations.
network
low complexity
moxa CWE-120
8.2
2024-06-25 CVE-2024-4641 Use of Externally-Controlled Format String vulnerability in Moxa products
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to accepting a format string from an external source as an argument.
network
low complexity
moxa CWE-134
critical
9.8
2024-06-25 CVE-2024-4638 Command Injection vulnerability in Moxa products
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack of neutralized inputs in the web key upload function.
network
low complexity
moxa CWE-77
8.8
2019-07-03 CVE-2018-11425 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Moxa products
Memory corruption issue was discovered in Moxa OnCell G3470A-LTE Series version 1.6 Build 18021314 and prior, a different vulnerability than CVE-2018-11424.
network
low complexity
moxa CWE-119
critical
9.8
2019-07-03 CVE-2018-11424 Out-of-bounds Write vulnerability in Moxa products
There is Memory corruption in the web interface of Moxa OnCell G3470A-LTE Series version 1.6 Build 18021314 and prior, a different vulnerability than CVE-2018-11425.
network
low complexity
moxa CWE-787
7.5