Vulnerabilities > Moxa

DATE CVE VULNERABILITY TITLE RISK
2021-10-12 CVE-2021-38452 Path Traversal vulnerability in Moxa Mxview
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.
network
low complexity
moxa CWE-22
6.4
2021-10-12 CVE-2021-38454 Incorrect Authorization vulnerability in Moxa Mxview
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.
network
low complexity
moxa CWE-863
7.5
2021-10-12 CVE-2021-38456 Use of Hard-coded Credentials vulnerability in Moxa Mxview
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.
network
low complexity
moxa CWE-798
7.5
2021-10-12 CVE-2021-38458 Injection vulnerability in Moxa Mxview
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.
network
low complexity
moxa CWE-74
7.5
2021-10-12 CVE-2021-38460 Insufficiently Protected Credentials vulnerability in Moxa Mxview
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.
network
low complexity
moxa CWE-522
5.0
2021-09-07 CVE-2021-39278 Cross-site Scripting vulnerability in Moxa products
Certain MOXA devices allow reflected XSS via the Config Import menu.
network
moxa CWE-79
4.3
2021-09-07 CVE-2021-39279 OS Command Injection vulnerability in Moxa products
Certain MOXA devices allow Authenticated Command Injection via /forms/web_importTFTP.
network
low complexity
moxa CWE-78
critical
9.0
2021-06-18 CVE-2021-33823 Resource Exhaustion vulnerability in Moxa Mgate Mb3180 Firmware 2.1
An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012.
network
low complexity
moxa CWE-400
5.0
2021-06-18 CVE-2021-33824 Resource Exhaustion vulnerability in Moxa Mgate Mb3180 Firmware 2.1
An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012.
network
low complexity
moxa CWE-400
5.0
2021-05-14 CVE-2020-27184 Inadequate Encryption Strength vulnerability in Moxa products
The NPort IA5000A Series devices use Telnet as one of the network device management services.
network
moxa CWE-326
4.3