CVE-2025-1679

23.10.2025, 14:15

Cross-site Scripting has been identified in Moxas Ethernet switches, which allows an authenticated administrative attacker to inject malicious scripts to an affected devices web service that could impact authenticated users interacting with the devices web interface. This vulnerability is classified as stored cross-site scripting (XSS); attackers inject malicious scripts into the system, and the scripts persist across sessions. There is no impact to the confidentiality, integrity, and availability of the affected device; no loss of availability within any subsequent systems but has some loss of confidentiality and integrity within the subsequent system.

Cross-site Scripting

Provider	Type	Base Score	Vector
NIST	NIST	UNKNOWN	---
Moxa	CNA	---	---
CISA-ADP	ADP	---	---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 17%

Common Weakness Enumeration

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Vulnerability Media Exposure

[GERMAN] Moxa Switch: Mehrere Schwachstellen
Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Moxa Switch ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen und Daten zu manipulieren.
Published: 2025-10-23T22:00:00+00:00

References

https://www.hackrtu.com/blog/cg-technical-en-003/

https://www.moxa.com/en/support/product-support/security-advisory/mpsa-257421-cve-2025-1679,-cve-2025-1680-stored-cross-site-scripting-(xss)-and-host-header-injection-vulnerabilities-in