CVE-2023-6093 MEDIUM

CVE-2023-6093: OnCell G3150A-LTE Series: Clickjacking Vulnerability

Vendor Moxa
Product OnCell G3150A-LTE Series
Weakness CWE-1021
Published December 31, 2023
Last update August 2, 2024

CVSS base score

5.3/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction Required
Confidentiality None
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

What the vulnerability does

01Description

A clickjacking vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior. This vulnerability is caused by incorrectly restricts frame objects, which can lead to user confusion about which interface the user is interacting with. This vulnerability may lead the attacker to trick the user into interacting with the application.

Key dates

02Disclosure timeline

December 31, 2023 CVE published
August 2, 2024 Record updated