Cross-site request forgery (CSRF) vulnerability on Moxa MiiNePort devices with firmware 1.1.10 Build 09120714, 1.1 Build 10080614, and 1.0 Build 11071409 allows remote authentication hijacking.

CVE-2016-2285 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Cross-site request forgery (CSRF) vulnerability on Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 allows remote attackers to hijack the authentication of arbitrary users.

Learn more about our User Device Pen Test.