VDB
CVE-2023-6094
CVE-2023-6094
PUBLISHED
CVSS 5.300000190734863 MEDIUM
A vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior. The vulnerability results from a lack of protection for sensitive information during transmission. An attacker eavesdropping on the traffic between the web browser and server may obtain sensitive information. This type of attack could be executed to gather sensitive information or to facilitate a subsequent attack against the target.
EPSS 0.09% · 26.3th percentile
Risk Scores
CVSS 3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score
0.09%
26.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| moxa | oncell_g3150a-lte_firmware | 0, 0, 0 |
| Moxa | OnCell G3150A-LTE Series | 1.0, 1.0 |
Exploit Intelligence
- CIRCL seen: CVE-2023-6094 (circl-sighting)
- CIRCL seen: CVE-2023-6094 (circl-sighting)
- Simplified Version of Cryptography Attack based on Birthday Paradox: Sweet32 (CVE-2016-2183) (github-poc)
- Simplified Version of Cryptography Attack based on Birthday Paradox: Sweet32 (CVE-2016-2183) (github-poc)
- Simplified Version of Cryptography Attack based on Birthday Paradox: Sweet32 (CVE-2016-2183) (github-poc)
- Simplified Version of Cryptography Attack based on Birthday Paradox: Sweet32 (CVE-2016-2183) (github-poc)
- Simplified Version of Cryptography Attack based on Birthday Paradox: Sweet32 (CVE-2016-2183) (github-poc)
- https://www.moxa.com/en/support/product-support/security-advisory/oncell-g3150a-lte-series-multiple-web-application-vulnerabilities-and-security-enhancement (circl)
Timeline
- Dec 31, 2023 CVE Published
- Dec 31, 2023 PoC Published
- Jan 1, 2024 EPSS Score
- Jan 1, 2024 PoC Published
- Jan 30, 2024 EPSS Score
- Feb 27, 2024 EPSS Score
- Mar 27, 2024 EPSS Score
- Apr 24, 2024 EPSS Score
- May 23, 2024 EPSS Score
- Jun 21, 2024 EPSS Score
- Jul 19, 2024 EPSS Score
- Aug 17, 2024 EPSS Score