Vulnerabilities > Moxa > Iologik 2542 Hspa Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2020-03-24 CVE-2020-7003 Cleartext Transmission of Sensitive Information vulnerability in Moxa products
In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is transmitted over some web applications in clear text.
network
low complexity
moxa CWE-319
7.5
2020-03-24 CVE-2019-18242 Unspecified vulnerability in Moxa products
In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, frequent and multiple requests for short-term use may cause the web server to fail.
network
low complexity
moxa
7.5
2020-02-26 CVE-2019-18238 Cleartext Storage of Sensitive Information vulnerability in Moxa products
In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is stored in configuration files without encryption, which may allow an attacker to access an administrative account.
network
low complexity
moxa CWE-312
7.5