CVE-2023-6093

MEDIUM

OnCell G3150A-LTE Series <1.3 - XSS

Title source: llm

Description

A clickjacking vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior. This vulnerability is caused by incorrectly restricts frame objects, which can lead to user confusion about which interface the user is interacting with. This vulnerability may lead the attacker to trick the user into interacting with the application.

References (1)

[Vendor Advisory] https://www.moxa.com/en/support/product-support/security-advisory/oncell-g3150a-lte-series-multiple-web-application-vulnerabilities-and-security-enhancement

Scores

CVSS v3 5.3

EPSS 0.0007

EPSS Percentile 20.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

Details

CWE

CWE-1021

Status published

Products (1)

moxa/oncell_g3150a-lte_firmware < 1.3

Published Dec 31, 2023

Tracked Since Feb 18, 2026