Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Moxa Subscribe
Filtered by product Sds-3008
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-40693 1 Moxa 4 Sds-3008, Sds-3008-t, Sds-3008-t Firmware and 1 more 2023-02-16 N/A 7.5 HIGH
A cleartext transmission vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted network sniffing can lead to a disclosure of sensitive information. An attacker can sniff network traffic to trigger this vulnerability.
CVE-2022-41311 1 Moxa 4 Sds-3008, Sds-3008-t, Sds-3008-t Firmware and 1 more 2023-02-16 N/A 5.4 MEDIUM
A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can send an HTTP request to trigger this vulnerability.Form field id="webLocationMessage_text" name="webLocationMessage_text"
CVE-2022-41312 1 Moxa 4 Sds-3008, Sds-3008-t, Sds-3008-t Firmware and 1 more 2023-02-15 N/A 5.4 MEDIUM
A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can send an HTTP request to trigger this vulnerability.Form field id="Switch Description", name "switch_description"
CVE-2022-41313 1 Moxa 4 Sds-3008, Sds-3008-t, Sds-3008-t Firmware and 1 more 2023-02-15 N/A 5.4 MEDIUM
A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can send an HTTP request to trigger this vulnerability.Form field id="switch_contact"
CVE-2022-40691 1 Moxa 4 Sds-3008, Sds-3008-t, Sds-3008-t Firmware and 1 more 2023-02-15 N/A 5.3 MEDIUM
An information disclosure vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability.
CVE-2022-40224 1 Moxa 4 Sds-3008, Sds-3008-t, Sds-3008-t Firmware and 1 more 2023-02-15 N/A 7.5 HIGH
A denial of service vulnerability exists in the web server functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP message header can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.