{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-0193", "assignerOrgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa", "state": "PUBLISHED", "assignerShortName": "Moxa", "dateReserved": "2025-01-03T08:10:03.462Z", "datePublished": "2025-01-15T11:05:11.594Z", "dateUpdated": "2025-01-15T14:35:22.364Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "MGate 5121 Series", "vendor": "Moxa", "versions": [{"status": "affected", "version": "1.0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "MGate 5122 Series", "vendor": "Moxa", "versions": [{"status": "affected", "version": "1.0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "MGate 5123 Series", "vendor": "Moxa", "versions": [{"status": "affected", "version": "1.0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Dmitrii Mosichkin"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">A stored Cross-site Scripting (XSS) vulnerability exists in the MGate 5121/5122/5123 Series firmware version v1.0 because of insufficient sanitization and encoding of user input in the \"Login Message\" functionality. An authenticated attacker with administrative access can exploit this vulnerability to inject malicious scripts that are</span><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;</span><span style=\"background-color: rgb(255, 255, 255);\">continuously stored on the device. These scripts are executed when other users access the login page, potentially resulting in unauthorized actions</span><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;</span><span style=\"background-color: rgb(255, 255, 255);\">or other impacts</span><span style=\"background-color: rgb(255, 255, 255);\">,</span><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;depending on the user's privileges.</span><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;</span><br>"}], "value": "A stored Cross-site Scripting (XSS) vulnerability exists in the MGate 5121/5122/5123 Series firmware version v1.0 because of insufficient sanitization and encoding of user input in the \"Login Message\" functionality. An authenticated attacker with administrative access can exploit this vulnerability to inject malicious scripts that are\u00a0continuously stored on the device. These scripts are executed when other users access the login page, potentially resulting in unauthorized actions\u00a0or other impacts,\u00a0depending on the user's privileges."}], "impacts": [{"capecId": "CAPEC-592", "descriptions": [{"lang": "en", "value": "CAPEC-592: Stored XSS"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 5.2, "baseSeverity": "MEDIUM", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa", "shortName": "Moxa", "dateUpdated": "2025-01-15T11:05:11.594Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-247733-cve-2025-0193-stored-cross-site-scripting-(xss)-vulnerability-in-the-mgate-5121-5122-5123-series"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Moxa has developed appropriate solutions to address vulnerability. The solutions for the affected products are listed below. </p><p></p><ul><li>MGate 5121 Series: Upgrade to <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.moxa.com/en/products/industrial-edge-connectivity/protocol-gateways/modbus-tcp-gateways/mgate-5121-series#resources\">the firmware version 2.0</a>&nbsp;or later version</li><li><span style=\"background-color: var(--wht);\">MGate 5122 Series: Upgrade to </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.moxa.com/en/products/industrial-edge-connectivity/protocol-gateways/ethernet-ip-gateways/mgate-5122-series#resources\">the firmware version 2.0</a><span style=\"background-color: var(--wht);\">&nbsp;or later version</span></li><li><span style=\"background-color: var(--wht);\">MGate 5123 Series: Upgrade to </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.moxa.com/en/products/industrial-edge-connectivity/protocol-gateways/profinet-gateways/mgate-5123-series#resources\">the firmware version 2.0</a><span style=\"background-color: var(--wht);\">&nbsp;or later version</span></li></ul><p></p><br>"}], "value": "Moxa has developed appropriate solutions to address vulnerability. The solutions for the affected products are listed below. \n\n\n\n * MGate 5121 Series: Upgrade to the firmware version 2.0 https://www.moxa.com/en/products/industrial-edge-connectivity/protocol-gateways/modbus-tcp-gateways/mgate-5121-series#resources \u00a0or later version\n * MGate 5122 Series: Upgrade to the firmware version 2.0 https://www.moxa.com/en/products/industrial-edge-connectivity/protocol-gateways/ethernet-ip-gateways/mgate-5122-series#resources \u00a0or later version\n * MGate 5123 Series: Upgrade to the firmware version 2.0 https://www.moxa.com/en/products/industrial-edge-connectivity/protocol-gateways/profinet-gateways/mgate-5123-series#resources \u00a0or later version"}], "source": {"discovery": "EXTERNAL"}, "title": "Stored Cross-site Scripting (XSS) Vulnerability in the MGate 5121/5122/5123 Series", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<ul><li>Minimize network exposure to ensure the device is not accessible from the Internet. </li></ul><ul><li>Ensure that administrator accounts use strong, unique passwords, and restrict access to trusted personnel only.</li></ul>"}], "value": "* Minimize network exposure to ensure the device is not accessible from the Internet. \n\n\n * Ensure that administrator accounts use strong, unique passwords, and restrict access to trusted personnel only."}], "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-01-15T14:35:02.965309Z", "id": "CVE-2025-0193", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-15T14:35:22.364Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-0193", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-01-15T14:35:02.965309Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-15T14:35:14.611Z"}}], "cna": {"title": "Stored Cross-site Scripting (XSS) Vulnerability in the MGate 5121/5122/5123 Series", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Dmitrii Mosichkin"}], "impacts": [{"capecId": "CAPEC-592", "descriptions": [{"lang": "en", "value": "CAPEC-592: Stored XSS"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.2, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H", "providerUrgency": "NOT_DEFINED", "userInteraction": "PASSIVE", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Moxa", "product": "MGate 5121 Series", "versions": [{"status": "affected", "version": "1.0", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Moxa", "product": "MGate 5122 Series", "versions": [{"status": "affected", "version": "1.0", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Moxa", "product": "MGate 5123 Series", "versions": [{"status": "affected", "version": "1.0", "versionType": "custom"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Moxa has developed appropriate solutions to address vulnerability. The solutions for the affected products are listed below. \n\n\n\n * MGate 5121 Series: Upgrade to the firmware version 2.0 https://www.moxa.com/en/products/industrial-edge-connectivity/protocol-gateways/modbus-tcp-gateways/mgate-5121-series#resources \u00a0or later version\n * MGate 5122 Series: Upgrade to the firmware version 2.0 https://www.moxa.com/en/products/industrial-edge-connectivity/protocol-gateways/ethernet-ip-gateways/mgate-5122-series#resources \u00a0or later version\n * MGate 5123 Series: Upgrade to the firmware version 2.0 https://www.moxa.com/en/products/industrial-edge-connectivity/protocol-gateways/profinet-gateways/mgate-5123-series#resources \u00a0or later version", "supportingMedia": [{"type": "text/html", "value": "<p>Moxa has developed appropriate solutions to address vulnerability. The solutions for the affected products are listed below. </p><p></p><ul><li>MGate 5121 Series: Upgrade to <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.moxa.com/en/products/industrial-edge-connectivity/protocol-gateways/modbus-tcp-gateways/mgate-5121-series#resources\">the firmware version 2.0</a>&nbsp;or later version</li><li><span style=\"background-color: var(--wht);\">MGate 5122 Series: Upgrade to </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.moxa.com/en/products/industrial-edge-connectivity/protocol-gateways/ethernet-ip-gateways/mgate-5122-series#resources\">the firmware version 2.0</a><span style=\"background-color: var(--wht);\">&nbsp;or later version</span></li><li><span style=\"background-color: var(--wht);\">MGate 5123 Series: Upgrade to </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.moxa.com/en/products/industrial-edge-connectivity/protocol-gateways/profinet-gateways/mgate-5123-series#resources\">the firmware version 2.0</a><span style=\"background-color: var(--wht);\">&nbsp;or later version</span></li></ul><p></p><br>", "base64": false}]}], "references": [{"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-247733-cve-2025-0193-stored-cross-site-scripting-(xss)-vulnerability-in-the-mgate-5121-5122-5123-series", "tags": ["vendor-advisory"]}], "workarounds": [{"lang": "en", "value": "* Minimize network exposure to ensure the device is not accessible from the Internet. \n\n\n * Ensure that administrator accounts use strong, unique passwords, and restrict access to trusted personnel only.", "supportingMedia": [{"type": "text/html", "value": "<ul><li>Minimize network exposure to ensure the device is not accessible from the Internet. </li></ul><ul><li>Ensure that administrator accounts use strong, unique passwords, and restrict access to trusted personnel only.</li></ul>", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "A stored Cross-site Scripting (XSS) vulnerability exists in the MGate 5121/5122/5123 Series firmware version v1.0 because of insufficient sanitization and encoding of user input in the \"Login Message\" functionality. An authenticated attacker with administrative access can exploit this vulnerability to inject malicious scripts that are\u00a0continuously stored on the device. These scripts are executed when other users access the login page, potentially resulting in unauthorized actions\u00a0or other impacts,\u00a0depending on the user's privileges.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">A stored Cross-site Scripting (XSS) vulnerability exists in the MGate 5121/5122/5123 Series firmware version v1.0 because of insufficient sanitization and encoding of user input in the \"Login Message\" functionality. An authenticated attacker with administrative access can exploit this vulnerability to inject malicious scripts that are</span><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;</span><span style=\"background-color: rgb(255, 255, 255);\">continuously stored on the device. These scripts are executed when other users access the login page, potentially resulting in unauthorized actions</span><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;</span><span style=\"background-color: rgb(255, 255, 255);\">or other impacts</span><span style=\"background-color: rgb(255, 255, 255);\">,</span><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;depending on the user's privileges.</span><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;</span><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa", "shortName": "Moxa", "dateUpdated": "2025-01-15T11:05:11.594Z"}}}, "cveMetadata": {"cveId": "CVE-2025-0193", "state": "PUBLISHED", "dateUpdated": "2025-01-15T14:35:22.364Z", "dateReserved": "2025-01-03T08:10:03.462Z", "assignerOrgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa", "datePublished": "2025-01-15T11:05:11.594Z", "assignerShortName": "Moxa"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A stored Cross-site Scripting (XSS) vulnerability exists in the MGate 5121/5122/5123 Series firmware version v1.0 because of insufficient sanitization and encoding of user input in the \"Login Message\" functionality. An authenticated attacker with administrative access can exploit this vulnerability to inject malicious scripts that are\u00a0continuously stored on the device. These scripts are executed when other users access the login page, potentially resulting in unauthorized actions\u00a0or other impacts,\u00a0depending on the user's privileges."}], "id": "CVE-2025-0193", "lastModified": "2025-01-15T11:15:09.280", "metrics": {"cvssMetricV40": [{"cvssData": {"attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "NETWORK", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 5.2, "baseSeverity": "MEDIUM", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "HIGH", "subsequentSystemConfidentiality": "HIGH", "subsequentSystemIntegrity": "HIGH", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "NONE", "vulnerableSystemConfidentiality": "NONE", "vulnerableSystemIntegrity": "NONE"}, "source": "psirt@moxa.com", "type": "Secondary"}]}, "published": "2025-01-15T11:15:09.280", "references": [{"source": "psirt@moxa.com", "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-247733-cve-2025-0193-stored-cross-site-scripting-(xss)-vulnerability-in-the-mgate-5121-5122-5123-series"}], "sourceIdentifier": "psirt@moxa.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "psirt@moxa.com", "type": "Secondary"}]}

{}

{}