Web application abuses : Moxa ioLogik E1200 Series Multiple Vulnerabilities

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.106360

Category: Web application abuses

Title: Moxa ioLogik E1200 Series Multiple Vulnerabilities

Summary: Moxa ioLogik E1200 Series are prone to multiple vulnerabilities.

Description: Summary:
Moxa ioLogik E1200 Series are prone to multiple vulnerabilities.

Vulnerability Insight:
Moxa ioLogik E1200 Series are prone to multiple vulnerabilities:

- XSS: The web application fails to sanitize user input, which may allow an attacker to inject script or
execute arbitrary code. (CVE-2016-8359)

- Insufficiently protected credentials: A password is transmitted in a format that is not sufficiently secure.
(CVE-2016-8372)

- Weak password requirement: Users are restricted to using short passwords. (CVE-2016-8379)

- CSRF: The web application may not sufficiently verify whether a request was provided by a valid user.
(CVE-2016-8350)

Vulnerability Impact:
An attacker who exploits these vulnerabilities may be able to remotely
execute arbitrary code, modify parameters and settings, or reset the device.

Affected Software/OS:
Moxa ioLogik E1200 Series.

Solution:
Update the Firmware.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2016-8359
BugTraq ID: 93550
http://www.securityfocus.com/bid/93550
https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05
Common Vulnerability Exposure (CVE) ID: CVE-2016-8372
Common Vulnerability Exposure (CVE) ID: CVE-2016-8379
Common Vulnerability Exposure (CVE) ID: CVE-2016-8350

Copyright Copyright (C) 2016 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.106360
Category:	Web application abuses
Title:	Moxa ioLogik E1200 Series Multiple Vulnerabilities
Summary:	Moxa ioLogik E1200 Series are prone to multiple vulnerabilities.
Description:	Summary: Moxa ioLogik E1200 Series are prone to multiple vulnerabilities. Vulnerability Insight: Moxa ioLogik E1200 Series are prone to multiple vulnerabilities: - XSS: The web application fails to sanitize user input, which may allow an attacker to inject script or execute arbitrary code. (CVE-2016-8359) - Insufficiently protected credentials: A password is transmitted in a format that is not sufficiently secure. (CVE-2016-8372) - Weak password requirement: Users are restricted to using short passwords. (CVE-2016-8379) - CSRF: The web application may not sufficiently verify whether a request was provided by a valid user. (CVE-2016-8350) Vulnerability Impact: An attacker who exploits these vulnerabilities may be able to remotely execute arbitrary code, modify parameters and settings, or reset the device. Affected Software/OS: Moxa ioLogik E1200 Series. Solution: Update the Firmware. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-8359 BugTraq ID: 93550 http://www.securityfocus.com/bid/93550 https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05 Common Vulnerability Exposure (CVE) ID: CVE-2016-8372 Common Vulnerability Exposure (CVE) ID: CVE-2016-8379 Common Vulnerability Exposure (CVE) ID: CVE-2016-8350
Copyright	Copyright (C) 2016 Greenbone AG