{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-1679", "assignerOrgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa", "state": "PUBLISHED", "assignerShortName": "Moxa", "dateReserved": "2025-02-25T08:08:17.451Z", "datePublished": "2025-10-23T13:51:27.285Z", "dateUpdated": "2025-10-23T14:37:22.233Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "TN-4500A Series", "vendor": "Moxa", "versions": [{"lessThanOrEqual": "3.13", "status": "affected", "version": "1.0", "versionType": "custom"}, {"status": "unaffected", "version": "4.0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "TN-5500A Series", "vendor": "Moxa", "versions": [{"lessThanOrEqual": "3.13", "status": "affected", "version": "1.0", "versionType": "custom"}, {"status": "unaffected", "version": "4.0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "TN-G4500 Series", "vendor": "Moxa", "versions": [{"lessThanOrEqual": "5.5", "status": "affected", "version": "1.0", "versionType": "custom"}, {"status": "unaffected", "version": "5.5.255", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "TN-G6500 Series", "vendor": "Moxa", "versions": [{"lessThanOrEqual": "5.5", "status": "affected", "version": "1.0", "versionType": "custom"}, {"status": "unaffected", "version": "5.5.255", "versionType": "custom"}]}], "cpeApplicability": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:moxa:tn-4500a_series:*:*:*:*:*:*:*:*", "versionEndIncluding": "3.13", "versionStartIncluding": "1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:moxa:tn-4500a_series:4.0:*:*:*:*:*:*:*", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:moxa:tn-5500a_series:*:*:*:*:*:*:*:*", "versionEndIncluding": "3.13", "versionStartIncluding": "1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:moxa:tn-5500a_series:4.0:*:*:*:*:*:*:*", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:moxa:tn-g4500_series:*:*:*:*:*:*:*:*", "versionEndIncluding": "5.5", "versionStartIncluding": "1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:moxa:tn-g4500_series:5.5.255:*:*:*:*:*:*:*", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:moxa:tn-g6500_series:*:*:*:*:*:*:*:*", "versionEndIncluding": "5.5", "versionStartIncluding": "1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:moxa:tn-g6500_series:5.5.255:*:*:*:*:*:*:*", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "OR"}], "credits": [{"lang": "en", "type": "finder", "value": "Aar\u00f3n Flecha Men\u00e9ndez"}, {"lang": "en", "type": "finder", "value": "V\u00edctor Bello Cuevas"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Cross-site Scripting has been identified in Moxa\u2019s Ethernet switches, which allows an authenticated administrative attacker to inject malicious scripts to an affected device\u2019s web service that could impact authenticated users interacting with the device\u2019s web interface. This vulnerability is classified as stored cross-site scripting (XSS); attackers inject malicious scripts into the system, and the scripts persist across sessions. There is no impact to the confidentiality, integrity, and availability of the affected device; no loss of availability within any subsequent systems but has some loss of confidentiality and integrity within the subsequent system.</span><br>"}], "value": "Cross-site Scripting has been identified in Moxa\u2019s Ethernet switches, which allows an authenticated administrative attacker to inject malicious scripts to an affected device\u2019s web service that could impact authenticated users interacting with the device\u2019s web interface. This vulnerability is classified as stored cross-site scripting (XSS); attackers inject malicious scripts into the system, and the scripts persist across sessions. There is no impact to the confidentiality, integrity, and availability of the affected device; no loss of availability within any subsequent systems but has some loss of confidentiality and integrity within the subsequent system."}], "impacts": [{"capecId": "CAPEC-63", "descriptions": [{"lang": "en", "value": "CAPEC-63: Cross-Site Scripting (XSS)"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 4.8, "baseSeverity": "MEDIUM", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa", "shortName": "Moxa", "dateUpdated": "2025-10-23T13:51:27.285Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-257421-cve-2025-1679,-cve-2025-1680-stored-cross-site-scripting-(xss)-and-host-header-injection-vulnerabilities-in"}, {"tags": ["technical-description"], "url": "https://www.hackrtu.com/blog/cg-technical-en-003/"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Moxa has developed appropriate solutions to address these vulnerabilities. Please refer to&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://www.moxa.com/en/support/product-support/security-advisory/mpsa-257421-cve-2025-1679,-cve-2025-1680-stored-cross-site-scripting-(xss)-and-host-header-injection-vulnerabilities-in\">https://www.moxa.com/en/support/product-support/security-advisory/mpsa-257421-cve-2025-1679,-cve-202...</a></span><br>"}], "value": "Moxa has developed appropriate solutions to address these vulnerabilities. Please refer to\u00a0 https://www.moxa.com/en/support/product-support/security-advisory/mpsa-257421-cve-2025-1679,-cve-202... https://www.moxa.com/en/support/product-support/security-advisory/mpsa-257421-cve-2025-1679,-cve-2025-1680-stored-cross-site-scripting-(xss)-and-host-header-injection-vulnerabilities-in"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 0.4.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-10-23T14:37:07.872419Z", "id": "CVE-2025-1679", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-23T14:37:22.233Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-1679", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-10-23T14:37:07.872419Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-23T14:37:13.604Z"}}], "cna": {"source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Aar\u00f3n Flecha Men\u00e9ndez"}, {"lang": "en", "type": "finder", "value": "V\u00edctor Bello Cuevas"}], "impacts": [{"capecId": "CAPEC-63", "descriptions": [{"lang": "en", "value": "CAPEC-63: Cross-Site Scripting (XSS)"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 4.8, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Moxa", "product": "TN-4500A Series", "versions": [{"status": "affected", "version": "1.0", "versionType": "custom", "lessThanOrEqual": "3.13"}, {"status": "unaffected", "version": "4.0", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Moxa", "product": "TN-5500A Series", "versions": [{"status": "affected", "version": "1.0", "versionType": "custom", "lessThanOrEqual": "3.13"}, {"status": "unaffected", "version": "4.0", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Moxa", "product": "TN-G4500 Series", "versions": [{"status": "affected", "version": "1.0", "versionType": "custom", "lessThanOrEqual": "5.5"}, {"status": "unaffected", "version": "5.5.255", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Moxa", "product": "TN-G6500 Series", "versions": [{"status": "affected", "version": "1.0", "versionType": "custom", "lessThanOrEqual": "5.5"}, {"status": "unaffected", "version": "5.5.255", "versionType": "custom"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Moxa has developed appropriate solutions to address these vulnerabilities. Please refer to\u00a0 https://www.moxa.com/en/support/product-support/security-advisory/mpsa-257421-cve-2025-1679,-cve-202... https://www.moxa.com/en/support/product-support/security-advisory/mpsa-257421-cve-2025-1679,-cve-2025-1680-stored-cross-site-scripting-(xss)-and-host-header-injection-vulnerabilities-in", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Moxa has developed appropriate solutions to address these vulnerabilities. Please refer to&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://www.moxa.com/en/support/product-support/security-advisory/mpsa-257421-cve-2025-1679,-cve-2025-1680-stored-cross-site-scripting-(xss)-and-host-header-injection-vulnerabilities-in\">https://www.moxa.com/en/support/product-support/security-advisory/mpsa-257421-cve-2025-1679,-cve-202...</a></span><br>", "base64": false}]}], "references": [{"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-257421-cve-2025-1679,-cve-2025-1680-stored-cross-site-scripting-(xss)-and-host-header-injection-vulnerabilities-in", "tags": ["vendor-advisory"]}, {"url": "https://www.hackrtu.com/blog/cg-technical-en-003/", "tags": ["technical-description"]}], "x_generator": {"engine": "Vulnogram 0.4.0"}, "descriptions": [{"lang": "en", "value": "Cross-site Scripting has been identified in Moxa\u2019s Ethernet switches, which allows an authenticated administrative attacker to inject malicious scripts to an affected device\u2019s web service that could impact authenticated users interacting with the device\u2019s web interface. This vulnerability is classified as stored cross-site scripting (XSS); attackers inject malicious scripts into the system, and the scripts persist across sessions. There is no impact to the confidentiality, integrity, and availability of the affected device; no loss of availability within any subsequent systems but has some loss of confidentiality and integrity within the subsequent system.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Cross-site Scripting has been identified in Moxa\u2019s Ethernet switches, which allows an authenticated administrative attacker to inject malicious scripts to an affected device\u2019s web service that could impact authenticated users interacting with the device\u2019s web interface. This vulnerability is classified as stored cross-site scripting (XSS); attackers inject malicious scripts into the system, and the scripts persist across sessions. There is no impact to the confidentiality, integrity, and availability of the affected device; no loss of availability within any subsequent systems but has some loss of confidentiality and integrity within the subsequent system.</span><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:moxa:tn-4500a_series:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "3.13", "versionStartIncluding": "1.0"}, {"criteria": "cpe:2.3:a:moxa:tn-4500a_series:4.0:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:moxa:tn-5500a_series:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "3.13", "versionStartIncluding": "1.0"}, {"criteria": "cpe:2.3:a:moxa:tn-5500a_series:4.0:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:moxa:tn-g4500_series:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "5.5", "versionStartIncluding": "1.0"}, {"criteria": "cpe:2.3:a:moxa:tn-g4500_series:5.5.255:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:moxa:tn-g6500_series:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "5.5", "versionStartIncluding": "1.0"}, {"criteria": "cpe:2.3:a:moxa:tn-g6500_series:5.5.255:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}], "operator": "OR"}], "providerMetadata": {"orgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa", "shortName": "Moxa", "dateUpdated": "2025-10-23T13:51:27.285Z"}}}, "cveMetadata": {"cveId": "CVE-2025-1679", "state": "PUBLISHED", "dateUpdated": "2025-10-23T14:37:22.233Z", "dateReserved": "2025-02-25T08:08:17.451Z", "assignerOrgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa", "datePublished": "2025-10-23T13:51:27.285Z", "assignerShortName": "Moxa"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-site Scripting has been identified in Moxa\u2019s Ethernet switches, which allows an authenticated administrative attacker to inject malicious scripts to an affected device\u2019s web service that could impact authenticated users interacting with the device\u2019s web interface. This vulnerability is classified as stored cross-site scripting (XSS); attackers inject malicious scripts into the system, and the scripts persist across sessions. There is no impact to the confidentiality, integrity, and availability of the affected device; no loss of availability within any subsequent systems but has some loss of confidentiality and integrity within the subsequent system."}], "id": "CVE-2025-1679", "lastModified": "2025-10-23T14:15:35.653", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "[email protected]", "type": "Secondary"}]}, "published": "2025-10-23T14:15:35.653", "references": [{"source": "[email protected]", "url": "https://www.hackrtu.com/blog/cg-technical-en-003/"}, {"source": "[email protected]", "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-257421-cve-2025-1679,-cve-2025-1680-stored-cross-site-scripting-(xss)-and-host-header-injection-vulnerabilities-in"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "[email protected]", "type": "Secondary"}]}

{}