Vulnerabilities > Moxa > EDS 408A Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-05 | CVE-2019-6561 | Cross-Site Request Forgery (CSRF) vulnerability in Moxa products Cross-site request forgery has been identified in Moxa IKS and EDS, which may allow for the execution of unauthorized actions on the device. | 8.8 |
| 2019-03-05 | CVE-2019-6520 | Unspecified vulnerability in Moxa products Moxa IKS and EDS does not properly check authority on server side, which results in a read-only user being able to perform arbitrary configuration changes. | 7.5 |
| 2019-03-05 | CVE-2019-6518 | Missing Encryption of Sensitive Data vulnerability in Moxa products Moxa IKS and EDS store plaintext passwords, which may allow sensitive information to be read by someone with access to the device. | 7.5 |