Vulnerabilities > Moxa > EDR 810 Firmware

DATE CVE VULNERABILITY TITLE RISK
2018-05-14 CVE-2017-14432 OS Command Injection vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317.
network
low complexity
moxa CWE-78
8.8
8.8
2018-05-14 CVE-2017-12129 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable Weak Cryptography for Passwords vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317.
low complexity
moxa CWE-327
8.0
8.0
2018-05-14 CVE-2017-12128 Information Exposure vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable information disclosure vulnerability exists in the Server Agent functionality of Moxa EDR-810 V4.1 build 17030317.
network
low complexity
moxa CWE-200
7.5
7.5
2018-05-14 CVE-2017-12127 Insufficiently Protected Credentials vulnerability in Moxa Edr-810 Firmware 4.1
A password storage vulnerability exists in the operating system functionality of Moxa EDR-810 V4.1 build 17030317.
local
low complexity
moxa CWE-522
4.4
4.4
2018-05-14 CVE-2017-12126 Cross-Site Request Forgery (CSRF) vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable cross-site request forgery vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317.
network
low complexity
moxa CWE-352
8.8
8.8
2018-05-14 CVE-2017-12125 OS Command Injection vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317.
network
low complexity
moxa CWE-78
8.8
8.8
2018-05-14 CVE-2017-12124 NULL Pointer Dereference vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317.
network
low complexity
moxa CWE-476
6.5
6.5
2018-05-14 CVE-2017-12123 Insufficiently Protected Credentials vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable clear text transmission of password vulnerability exists in the web server and telnet functionality of Moxa EDR-810 V4.1 build 17030317.
low complexity
moxa CWE-522
8.8
8.8
2018-05-14 CVE-2017-12121 OS Command Injection vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317.
network
low complexity
moxa CWE-78
8.8
8.8
2018-05-14 CVE-2017-12120 OS Command Injection vulnerability in Moxa Edr-810 Firmware 4.1
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317.
network
low complexity
moxa CWE-78
8.8
8.8