OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to accepting a format string from an external source as an argument. An attacker could modify an externally controlled format string to cause a memory leak and denial of service.
References
Configurations
Configuration 1 (hide)
AND |
|
History
18 Sep 2024, 15:52
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:moxa:oncell_g3470a-lte-us-t:-:*:*:*:*:*:*:* cpe:2.3:o:moxa:oncell_g3470a-lte-us_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:moxa:oncell_g3470a-lte-us:-:*:*:*:*:*:*:* cpe:2.3:o:moxa:oncell_g3470a-lte-eu_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:moxa:oncell_g3470a-lte-eu-t_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:moxa:oncell_g3470a-lte-us-t_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:moxa:oncell_g3470a-lte-eu-t:-:*:*:*:*:*:*:* cpe:2.3:h:moxa:oncell_g3470a-lte-eu:-:*:*:*:*:*:*:* |
|
First Time |
Moxa oncell G3470a-lte-eu-t Firmware
Moxa oncell G3470a-lte-us Firmware Moxa oncell G3470a-lte-us Moxa oncell G3470a-lte-eu Moxa Moxa oncell G3470a-lte-us-t Firmware Moxa oncell G3470a-lte-us-t Moxa oncell G3470a-lte-eu Firmware Moxa oncell G3470a-lte-eu-t |
|
References | () https://www.moxa.com/en/support/product-support/security-advisory/mpsa-242550-oncell-g3470a-lte-series-multiple-web-application-vulnerabilities - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
25 Jun 2024, 12:24
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
25 Jun 2024, 10:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-06-25 10:15
Updated : 2024-09-18 15:52
NVD link : CVE-2024-4641
Mitre link : CVE-2024-4641
CVE.ORG link : CVE-2024-4641
JSON object : View
Products Affected
moxa
- oncell_g3470a-lte-eu
- oncell_g3470a-lte-us_firmware
- oncell_g3470a-lte-eu-t_firmware
- oncell_g3470a-lte-us-t
- oncell_g3470a-lte-us-t_firmware
- oncell_g3470a-lte-eu-t
- oncell_g3470a-lte-us
- oncell_g3470a-lte-eu_firmware
CWE
CWE-134
Use of Externally-Controlled Format String