← back
CVE-2023-4229

ioLogik 4000 Series: Session Headers Not Implemented

CVSS 4.3 MEDIUMEPSS 0.3%CWE-1021
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.3EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
24 Aug 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, potentially exposing users to security risks. This vulnerability may allow attackers to trick users into interacting with malicious content, leading to unintended actions or unauthorized data disclosures.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Affected products
Moxa · ioLogik 4000 Series

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230310-iologik-4000-series-multiple-web-server-vulnerabilities-and-improper-access-control-vulnerability