Vulnerability Description
A NULL Pointer Dereference issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application does not check for a NULL value, allowing for an attacker to perform a denial of service attack.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Moxa | Oncell G3150-Hspa-T Firmware | <= 1.4 |
| Moxa | Oncell G3150-Hspa-T | - |
| Moxa | Oncell G3110-Hspa-T Firmware | <= 1.4 |
| Moxa | Oncell G3110-Hspa-T | - |
| Moxa | Oncell G3150-Hspa Firmware | <= 1.4 |
| Moxa | Oncell G3150-Hspa | - |
| Moxa | Oncell G3110-Hspa Firmware | <= 1.4 |
| Moxa | Oncell G3110-Hspa | - |
Related Weaknesses (CWE)
References
- https://ics-cert.us-cert.gov/advisories/ICSA-18-060-02Third Party AdvisoryUS Government Resource
- https://ics-cert.us-cert.gov/advisories/ICSA-18-060-02Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2018-5449?
CVE-2018-5449 is a vulnerability with a CVSS score of 6.5 (MEDIUM). A NULL Pointer Dereference issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application does not check for a NULL value, allowing for an attacker to perf...
How severe is CVE-2018-5449?
CVE-2018-5449 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-5449?
Check the references section above for vendor advisories and patch information. Affected products include: Moxa Oncell G3150-Hspa-T Firmware, Moxa Oncell G3150-Hspa-T, Moxa Oncell G3110-Hspa-T Firmware, Moxa Oncell G3110-Hspa-T, Moxa Oncell G3150-Hspa Firmware.