CVE-2025-1679 | THREATINT

Description

Cross-site Scripting has been identified in Moxa’s Ethernet switches, which allows an authenticated administrative attacker to inject malicious scripts to an affected device’s web service that could impact authenticated users interacting with the device’s web interface. This vulnerability is classified as stored cross-site scripting (XSS); attackers inject malicious scripts into the system, and the scripts persist across sessions. There is no impact to the confidentiality, integrity, and availability of the affected device; no loss of availability within any subsequent systems but has some loss of confidentiality and integrity within the subsequent system.

PUBLISHED Reserved 2025-02-25 | Published 2025-10-23 | Updated 2025-10-23 | Assigner Moxa

MEDIUM: 4.8CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

Problem types

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Product status

Default status

unaffected

1.0 (custom)

affected

4.0 (custom)

unaffected

Default status

unaffected

1.0 (custom)

affected

4.0 (custom)

unaffected

Default status

unaffected

1.0 (custom)

affected

5.5.255 (custom)

unaffected

Default status

unaffected

1.0 (custom)

affected

5.5.255 (custom)

unaffected

Credits

Aarón Flecha Menéndez finder

Víctor Bello Cuevas finder

References

www.moxa.com/...and-host-header-injection-vulnerabilities-in vendor-advisory

www.hackrtu.com/blog/cg-technical-en-003/ technical-description

cve.org (CVE-2025-1679)

nvd.nist.gov (CVE-2025-1679)

Download JSON