{"id":72204,"date":"2025-10-23T17:45:35","date_gmt":"2025-10-23T14:15:35","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-1680-moxa-ethernet-switches-host-header-injection-vulnerability\/"},"modified":"2025-10-23T17:45:35","modified_gmt":"2025-10-23T14:15:35","slug":"cve-2025-1680-moxa-ethernet-switches-host-header-injection-vulnerability","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-1680-moxa-ethernet-switches-host-header-injection-vulnerability\/","title":{"rendered":"CVE-2025-1680 &#8211; Moxa Ethernet Switches Host Header Injection Vulnerability"},"content":{"rendered":"<p>CVE ID : CVE-2025-1680<\/p>\n<p>Published :  Oct. 23, 2025, 2:15 p.m. | 27\u00a0minutes ago<\/p>\n<p>Description : An acceptance of extraneous untrusted data with trusted data vulnerability has been identified in Moxa\u2019s Ethernet switches, which allows attackers with administrative privileges to manipulate HTTP Host headers by injecting a specially crafted Host header into HTTP requests sent to an affected device\u2019s web service. This vulnerability is classified as Host Header Injection, where invalid Host headers can manipulate to redirect users, forge links, or phishing attacks. There is no impact to the confidentiality, integrity, and availability of the affected device; no loss of confidentiality, integrity, and availability within any subsequent systems.<\/p>\n<p>Severity: 0.0 | NONE<\/p>\n<p>Visit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-1680 Published : Oct. 23, 2025, 2:15 p.m. | 27\u00a0minutes ago Description : An acceptance of extraneous untrusted data with trusted data vulnerability has been identified in Moxa\u2019s Ethernet switches, which allows attackers with administrative privileges to manipulate HTTP Host headers by injecting a specially crafted Host header into HTTP requests sent &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-72204","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/72204","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=72204"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/72204\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=72204"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=72204"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=72204"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}