Vulnerability Details : CVE-2015-6465
The GoAhead web server on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to cause a denial of service (reboot) via a crafted URL.
Vulnerability category: Denial of service
Products affected by CVE-2015-6465
- cpe:2.3:o:moxa:eds-405a_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:moxa:eds-408a_firmware:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-6465
0.29%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 65 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-6465
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:L/Au:S/C:N/I:N/A:C |
8.0
|
6.9
|
NIST |
References for CVE-2015-6465
-
https://ics-cert.us-cert.gov/advisories/ICSA-15-246-03
Moxa Industrial Managed Switch Vulnerabilities | CISAThird Party Advisory;US Government Resource
-
http://www.moxa.com/support/download.aspx?type=support&id=328
Moxa - SupportPatch
-
http://www.securitytracker.com/id/1033543
GoAhead Web Server Lets Remote Authenticated Users Consume Excessive Resources - SecurityTracker
Jump to