Vulnerabilities > Moxa
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-09-21 | CVE-2024-6785 | Cleartext Storage of Sensitive Information vulnerability in Moxa Mxview ONE and Mxview ONE Central Manager The configuration file stores credentials in cleartext. | 7.1 |
2024-09-21 | CVE-2024-6786 | Path Traversal vulnerability in Moxa Mxview ONE The vulnerability allows an attacker to craft MQTT messages that include relative path traversal sequences, enabling them to read arbitrary files on the system. | 6.5 |
2024-09-21 | CVE-2024-6787 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Moxa Mxview ONE This vulnerability occurs when an attacker exploits a race condition between the time a file is checked and the time it is used (TOCTOU). | 5.9 |
2024-06-25 | CVE-2024-4639 | Command Injection vulnerability in Moxa products OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack of neutralized inputs in IPSec configuration. | 8.8 |
2024-06-25 | CVE-2024-4640 | Classic Buffer Overflow vulnerability in Moxa products OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to missing bounds checking on buffer operations. | 8.2 |
2024-06-25 | CVE-2024-4641 | Use of Externally-Controlled Format String vulnerability in Moxa products OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to accepting a format string from an external source as an argument. | 9.8 |
2024-06-25 | CVE-2024-4638 | Command Injection vulnerability in Moxa products OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack of neutralized inputs in the web key upload function. | 8.8 |
2023-12-31 | CVE-2023-6093 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Moxa Oncell G3150A-Lte Firmware A clickjacking vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior. | 6.1 |
2023-12-31 | CVE-2023-6094 | Cleartext Transmission of Sensitive Information vulnerability in Moxa Oncell G3150A-Lte Firmware A vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior. | 5.3 |
2023-12-23 | CVE-2023-5961 | Cross-Site Request Forgery (CSRF) vulnerability in Moxa products A Cross-Site Request Forgery (CSRF) vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. | 8.8 |