Vulnerabilities > Moxa

DATE CVE VULNERABILITY TITLE RISK
2023-12-31 CVE-2023-6093 Improper Restriction of Rendered UI Layers or Frames vulnerability in Moxa Oncell G3150A-Lte Firmware
A clickjacking vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior.
network
low complexity
moxa CWE-1021
6.1
2023-12-31 CVE-2023-6094 Cleartext Transmission of Sensitive Information vulnerability in Moxa Oncell G3150A-Lte Firmware
A vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior.
network
low complexity
moxa CWE-319
5.3
2023-12-23 CVE-2023-5961 Cross-Site Request Forgery (CSRF) vulnerability in Moxa products
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior.
network
low complexity
moxa CWE-352
8.8
2023-12-23 CVE-2023-5962 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Moxa products
A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior.
network
low complexity
moxa CWE-327
6.5
2023-11-02 CVE-2023-4217 Exposure of Resource to Wrong Sphere vulnerability in Moxa Eds-G503 Firmware
A vulnerability has been identified in PT-G503 Series versions prior to v5.2, where the session cookies attribute is not set properly in the affected application.
network
low complexity
moxa CWE-668
5.3
2023-11-02 CVE-2023-5035 Cleartext Transmission of Sensitive Information vulnerability in Moxa Eds-G503 Firmware
A vulnerability has been identified in PT-G503 Series firmware versions prior to v5.2, where the Secure attribute for sensitive cookies in HTTPS sessions is not set, which could cause the cookie to be transmitted in plaintext over an HTTP session.
network
low complexity
moxa CWE-319
5.3
2023-11-01 CVE-2023-5627 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Moxa products
A vulnerability has been identified in NPort 6000 Series, making the authentication mechanism vulnerable.
network
low complexity
moxa CWE-327
7.5
2023-11-01 CVE-2023-4452 Classic Buffer Overflow vulnerability in Moxa products
A vulnerability has been identified in the EDR-810, EDR-G902, and EDR-G903 Series, making them vulnerable to the denial-of-service vulnerability.
network
low complexity
moxa CWE-120
7.5
2023-10-03 CVE-2023-4929 Improper Validation of Integrity Check Value vulnerability in Moxa products
All firmware versions of the NPort 5000 Series are affected by an improper validation of integrity check vulnerability.
network
low complexity
moxa CWE-354
8.8
2023-09-02 CVE-2023-39979 Use of Insufficiently Random Values vulnerability in Moxa Mxsecurity 1.0/1.0.1
There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass authentication.
network
low complexity
moxa CWE-330
critical
9.8