Improper Handling of Length Parameter Inconsistency

CVE-2018-5453

High

7.5/10

Summary

An Improper Handling of Length Parameter Inconsistency issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. An attacker may be able to edit the element of an HTTP request, causing the device to become unavailable.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: HIGH

CWE-130 - Improper Handling of Length Parameter Inconsistency

The software parses a formatted message or structure, but it does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data.

References

Advisory Timeline

Published Mar 05, 2018

Improper Handling of Length Parameter Inconsistency

CVE-2018-5453

Summary

CWE-130 - Improper Handling of Length Parameter Inconsistency

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS