{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-1680", "assignerOrgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa", "state": "PUBLISHED", "assignerShortName": "Moxa", "dateReserved": "2025-02-25T08:08:57.582Z", "datePublished": "2025-10-23T13:56:39.744Z", "dateUpdated": "2025-10-23T14:35:30.379Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "TN-4500A Series", "vendor": "Moxa", "versions": [{"lessThanOrEqual": "3.13", "status": "affected", "version": "1.0", "versionType": "custom"}, {"status": "unaffected", "version": "4.0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "TN-5500A Series", "vendor": "Moxa", "versions": [{"lessThanOrEqual": "3.13", "status": "affected", "version": "1.0", "versionType": "custom"}, {"status": "unaffected", "version": "4.0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "TN-G4500 Series", "vendor": "Moxa", "versions": [{"lessThanOrEqual": "5.5", "status": "affected", "version": "1.0", "versionType": "custom"}, {"status": "unaffected", "version": "5.5.255", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "TN-G6500 Series", "vendor": "Moxa", "versions": [{"lessThanOrEqual": "5.5", "status": "affected", "version": "1.0", "versionType": "custom"}, {"status": "unaffected", "version": "5.5.255", "versionType": "custom"}]}], "cpeApplicability": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:moxa:tn-4500a_series:*:*:*:*:*:*:*:*", "versionEndIncluding": "3.13", "versionStartIncluding": "1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:moxa:tn-4500a_series:4.0:*:*:*:*:*:*:*", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:moxa:tn-5500a_series:*:*:*:*:*:*:*:*", "versionEndIncluding": "3.13", "versionStartIncluding": "1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:moxa:tn-5500a_series:4.0:*:*:*:*:*:*:*", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:moxa:tn-g4500_series:*:*:*:*:*:*:*:*", "versionEndIncluding": "5.5", "versionStartIncluding": "1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:moxa:tn-g4500_series:5.5.255:*:*:*:*:*:*:*", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:moxa:tn-g6500_series:*:*:*:*:*:*:*:*", "versionEndIncluding": "5.5", "versionStartIncluding": "1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:moxa:tn-g6500_series:5.5.255:*:*:*:*:*:*:*", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "OR"}], "credits": [{"lang": "en", "type": "finder", "value": "Aar\u00f3n Flecha Men\u00e9ndez"}, {"lang": "en", "type": "finder", "value": "V\u00edctor Bello Cuevas"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">An acceptance of extraneous untrusted data with trusted data vulnerability has been identified in Moxa\u2019s Ethernet switches, which allows attackers with administrative privileges to manipulate HTTP Host headers by injecting a specially crafted Host header into HTTP requests sent to an affected device\u2019s web service. This vulnerability is classified as Host Header Injection, where invalid Host headers can manipulate to redirect users, forge links, or phishing attacks. There is no impact to the confidentiality, integrity, and availability of the affected device; no loss of confidentiality, integrity, and availability within any subsequent systems.</span><br>"}], "value": "An acceptance of extraneous untrusted data with trusted data vulnerability has been identified in Moxa\u2019s Ethernet switches, which allows attackers with administrative privileges to manipulate HTTP Host headers by injecting a specially crafted Host header into HTTP requests sent to an affected device\u2019s web service. This vulnerability is classified as Host Header Injection, where invalid Host headers can manipulate to redirect users, forge links, or phishing attacks. There is no impact to the confidentiality, integrity, and availability of the affected device; no loss of confidentiality, integrity, and availability within any subsequent systems."}], "impacts": [{"capecId": "CAPEC-154", "descriptions": [{"lang": "en", "value": "CAPEC-154: Resource Location Spoofing"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 0, "baseSeverity": "NONE", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-349", "description": "CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa", "shortName": "Moxa", "dateUpdated": "2025-10-23T13:56:39.744Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-257421-cve-2025-1679,-cve-2025-1680-stored-cross-site-scripting-(xss)-and-host-header-injection-vulnerabilities-in"}, {"tags": ["technical-description"], "url": "https://www.hackrtu.com/blog/cg-technical-en-003/"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Moxa has developed appropriate solutions to address these vulnerabilities. Please refer to&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://www.moxa.com/en/support/product-support/security-advisory/mpsa-257421-cve-2025-1679,-cve-2025-1680-stored-cross-site-scripting-(xss)-and-host-header-injection-vulnerabilities-in\">https://www.moxa.com/en/support/product-support/security-advisory/mpsa-257421-cve-2025-1679,-cve-202...</a></span><br>"}], "value": "Moxa has developed appropriate solutions to address these vulnerabilities. Please refer to\u00a0 https://www.moxa.com/en/support/product-support/security-advisory/mpsa-257421-cve-2025-1679,-cve-202... https://www.moxa.com/en/support/product-support/security-advisory/mpsa-257421-cve-2025-1679,-cve-2025-1680-stored-cross-site-scripting-(xss)-and-host-header-injection-vulnerabilities-in"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 0.4.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-10-23T14:34:58.621334Z", "id": "CVE-2025-1680", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-23T14:35:30.379Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-1680", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-10-23T14:34:58.621334Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-23T14:35:05.185Z"}}], "cna": {"source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Aar\u00f3n Flecha Men\u00e9ndez"}, {"lang": "en", "type": "finder", "value": "V\u00edctor Bello Cuevas"}], "impacts": [{"capecId": "CAPEC-154", "descriptions": [{"lang": "en", "value": "CAPEC-154: Resource Location Spoofing"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 0, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Moxa", "product": "TN-4500A Series", "versions": [{"status": "affected", "version": "1.0", "versionType": "custom", "lessThanOrEqual": "3.13"}, {"status": "unaffected", "version": "4.0", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Moxa", "product": "TN-5500A Series", "versions": [{"status": "affected", "version": "1.0", "versionType": "custom", "lessThanOrEqual": "3.13"}, {"status": "unaffected", "version": "4.0", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Moxa", "product": "TN-G4500 Series", "versions": [{"status": "affected", "version": "1.0", "versionType": "custom", "lessThanOrEqual": "5.5"}, {"status": "unaffected", "version": "5.5.255", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Moxa", "product": "TN-G6500 Series", "versions": [{"status": "affected", "version": "1.0", "versionType": "custom", "lessThanOrEqual": "5.5"}, {"status": "unaffected", "version": "5.5.255", "versionType": "custom"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Moxa has developed appropriate solutions to address these vulnerabilities. Please refer to\u00a0 https://www.moxa.com/en/support/product-support/security-advisory/mpsa-257421-cve-2025-1679,-cve-202... https://www.moxa.com/en/support/product-support/security-advisory/mpsa-257421-cve-2025-1679,-cve-2025-1680-stored-cross-site-scripting-(xss)-and-host-header-injection-vulnerabilities-in", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Moxa has developed appropriate solutions to address these vulnerabilities. Please refer to&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://www.moxa.com/en/support/product-support/security-advisory/mpsa-257421-cve-2025-1679,-cve-2025-1680-stored-cross-site-scripting-(xss)-and-host-header-injection-vulnerabilities-in\">https://www.moxa.com/en/support/product-support/security-advisory/mpsa-257421-cve-2025-1679,-cve-202...</a></span><br>", "base64": false}]}], "references": [{"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-257421-cve-2025-1679,-cve-2025-1680-stored-cross-site-scripting-(xss)-and-host-header-injection-vulnerabilities-in", "tags": ["vendor-advisory"]}, {"url": "https://www.hackrtu.com/blog/cg-technical-en-003/", "tags": ["technical-description"]}], "x_generator": {"engine": "Vulnogram 0.4.0"}, "descriptions": [{"lang": "en", "value": "An acceptance of extraneous untrusted data with trusted data vulnerability has been identified in Moxa\u2019s Ethernet switches, which allows attackers with administrative privileges to manipulate HTTP Host headers by injecting a specially crafted Host header into HTTP requests sent to an affected device\u2019s web service. This vulnerability is classified as Host Header Injection, where invalid Host headers can manipulate to redirect users, forge links, or phishing attacks. There is no impact to the confidentiality, integrity, and availability of the affected device; no loss of confidentiality, integrity, and availability within any subsequent systems.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">An acceptance of extraneous untrusted data with trusted data vulnerability has been identified in Moxa\u2019s Ethernet switches, which allows attackers with administrative privileges to manipulate HTTP Host headers by injecting a specially crafted Host header into HTTP requests sent to an affected device\u2019s web service. This vulnerability is classified as Host Header Injection, where invalid Host headers can manipulate to redirect users, forge links, or phishing attacks. There is no impact to the confidentiality, integrity, and availability of the affected device; no loss of confidentiality, integrity, and availability within any subsequent systems.</span><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-349", "description": "CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:moxa:tn-4500a_series:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "3.13", "versionStartIncluding": "1.0"}, {"criteria": "cpe:2.3:a:moxa:tn-4500a_series:4.0:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:moxa:tn-5500a_series:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "3.13", "versionStartIncluding": "1.0"}, {"criteria": "cpe:2.3:a:moxa:tn-5500a_series:4.0:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:moxa:tn-g4500_series:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "5.5", "versionStartIncluding": "1.0"}, {"criteria": "cpe:2.3:a:moxa:tn-g4500_series:5.5.255:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:moxa:tn-g6500_series:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "5.5", "versionStartIncluding": "1.0"}, {"criteria": "cpe:2.3:a:moxa:tn-g6500_series:5.5.255:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}], "operator": "OR"}], "providerMetadata": {"orgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa", "shortName": "Moxa", "dateUpdated": "2025-10-23T13:56:39.744Z"}}}, "cveMetadata": {"cveId": "CVE-2025-1680", "state": "PUBLISHED", "dateUpdated": "2025-10-23T14:35:30.379Z", "dateReserved": "2025-02-25T08:08:57.582Z", "assignerOrgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa", "datePublished": "2025-10-23T13:56:39.744Z", "assignerShortName": "Moxa"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An acceptance of extraneous untrusted data with trusted data vulnerability has been identified in Moxa\u2019s Ethernet switches, which allows attackers with administrative privileges to manipulate HTTP Host headers by injecting a specially crafted Host header into HTTP requests sent to an affected device\u2019s web service. This vulnerability is classified as Host Header Injection, where invalid Host headers can manipulate to redirect users, forge links, or phishing attacks. There is no impact to the confidentiality, integrity, and availability of the affected device; no loss of confidentiality, integrity, and availability within any subsequent systems."}], "id": "CVE-2025-1680", "lastModified": "2025-10-23T14:15:35.813", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 0.0, "baseSeverity": "NONE", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "psirt@moxa.com", "type": "Secondary"}]}, "published": "2025-10-23T14:15:35.813", "references": [{"source": "psirt@moxa.com", "url": "https://www.hackrtu.com/blog/cg-technical-en-003/"}, {"source": "psirt@moxa.com", "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-257421-cve-2025-1679,-cve-2025-1680-stored-cross-site-scripting-(xss)-and-host-header-injection-vulnerabilities-in"}], "sourceIdentifier": "psirt@moxa.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-349"}], "source": "psirt@moxa.com", "type": "Secondary"}]}

{}

{"created": "2025-10-24T10:16:53.960950+00:00", "updated": "2025-10-24T10:16:53.960987+00:00", "vendors": ["moxa", "moxa$PRODUCT$tn-4500a", "moxa$PRODUCT$tn-5500a", "moxa$PRODUCT$tn-g4500", "moxa$PRODUCT$tn-g6500"]}