← back
CVE-2023-6093

OnCell G3150A-LTE Series: Clickjacking Vulnerability

CVSS 5.3 MEDIUMEPSS 0.3%CWE-1021
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.3EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
31 Dec 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A clickjacking vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior. This vulnerability is caused by incorrectly restricts frame objects, which can lead to user confusion about which interface the user is interacting with. This vulnerability may lead the attacker to trick the user into interacting with the application.
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
Affected products
Moxa · OnCell G3150A-LTE Series

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.moxa.com/en/support/product-support/security-advisory/oncell-g3150a-lte-series-multiple-web-application-vulnerabilities-and-security-enhancement