Filtered by vendor Moxa Subscriptions
Filtered by product Sds-3008 Subscriptions
Total 6 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-41313 1 Moxa 4 Sds-3008, Sds-3008-t, Sds-3008-t Firmware and 1 more 2024-11-21 5.4 Medium
A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can send an HTTP request to trigger this vulnerability.Form field id="switch_contact"
CVE-2022-41312 1 Moxa 4 Sds-3008, Sds-3008-t, Sds-3008-t Firmware and 1 more 2024-11-21 5.4 Medium
A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can send an HTTP request to trigger this vulnerability.Form field id="Switch Description", name "switch_description"
CVE-2022-41311 1 Moxa 4 Sds-3008, Sds-3008-t, Sds-3008-t Firmware and 1 more 2024-11-21 5.4 Medium
A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can send an HTTP request to trigger this vulnerability.Form field id="webLocationMessage_text" name="webLocationMessage_text"
CVE-2022-40693 1 Moxa 4 Sds-3008, Sds-3008-t, Sds-3008-t Firmware and 1 more 2024-11-21 7.5 High
A cleartext transmission vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted network sniffing can lead to a disclosure of sensitive information. An attacker can sniff network traffic to trigger this vulnerability.
CVE-2022-40691 1 Moxa 4 Sds-3008, Sds-3008-t, Sds-3008-t Firmware and 1 more 2024-11-21 5.3 Medium
An information disclosure vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability.
CVE-2022-40224 1 Moxa 4 Sds-3008, Sds-3008-t, Sds-3008-t Firmware and 1 more 2024-11-21 7.5 High
A denial of service vulnerability exists in the web server functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP message header can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.