Vulnerabilities > Moxa > AWK 3131A Firmware

DATE CVE VULNERABILITY TITLE RISK
2020-02-25 CVE-2019-5165 Improper Authentication vulnerability in Moxa Awk-3131A Firmware 1.13
An exploitable authentication bypass vulnerability exists in the hostname processing of the Moxa AWK-3131A firmware version 1.13.
network
low complexity
moxa CWE-287
6.5
6.5
2020-02-25 CVE-2019-5162 Unspecified vulnerability in Moxa Awk-3131A Firmware 1.13
An exploitable improper access control vulnerability exists in the iw_webs account settings functionality of the Moxa AWK-3131A firmware version 1.13.
network
low complexity
moxa
critical
 9.0
9.0
2020-02-25 CVE-2019-5153 Out-of-bounds Write vulnerability in Moxa Awk-3131A Firmware 1.13
An exploitable remote code execution vulnerability exists in the iw_webs configuration parsing functionality of the Moxa AWK-3131A firmware version 1.13.
network
low complexity
moxa CWE-787
6.5
6.5
2020-02-25 CVE-2019-5148 Integer Underflow (Wrap or Wraparound) vulnerability in Moxa Awk-3131A Firmware 1.13
An exploitable denial-of-service vulnerability exists in ServiceAgent functionality of the Moxa AWK-3131A, firmware version 1.13.
network
low complexity
moxa CWE-191
5.0
5.0
2020-02-25 CVE-2019-5143 Use of Externally-Controlled Format String vulnerability in Moxa Awk-3131A Firmware 1.13
An exploitable format string vulnerability exists in the iw_console conio_writestr functionality of the Moxa AWK-3131A firmware version 1.13.
network
low complexity
moxa CWE-134
6.5
6.5
2020-02-25 CVE-2019-5142 OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.13
An exploitable command injection vulnerability exists in the hostname functionality of the Moxa AWK-3131A firmware version 1.13.
network
low complexity
moxa CWE-78
critical
 9.0
9.0
2020-02-25 CVE-2019-5141 OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.13
An exploitable command injection vulnerability exists in the iw_webs functionality of the Moxa AWK-3131A firmware version 1.13.
network
low complexity
moxa CWE-78
6.5
6.5
2020-02-25 CVE-2019-5140 OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.13
An exploitable command injection vulnerability exists in the iwwebs functionality of the Moxa AWK-3131A firmware version 1.13.
network
low complexity
moxa CWE-78
6.5
6.5
2020-02-25 CVE-2019-5139 Use of Hard-coded Credentials vulnerability in Moxa Awk-3131A Firmware 1.13
An exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities of the Moxa AWK-3131A firmware version 1.13.
local
low complexity
moxa CWE-798
3.6
3.6
2020-02-25 CVE-2019-5138 OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.13
An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13.
network
low complexity
moxa CWE-78
critical
 9.0
9.0