Vulnerabilities > Moxa > Miineport E3 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-02-13 CVE-2016-9346 Cryptographic Issues vulnerability in Moxa products
An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 versions prior to 1.4, and E3 versions prior to 1.1.
network
low complexity
moxa CWE-310
5.0
2017-02-13 CVE-2016-9344 Information Exposure Through Log Files vulnerability in Moxa products
An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 versions prior to 1.4, and E3 versions prior to 1.1.
network
low complexity
moxa CWE-532
5.0
2016-05-31 CVE-2016-2295 Information Exposure vulnerability in Moxa products
Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 allow remote attackers to obtain sensitive cleartext information by reading a configuration file.
network
low complexity
moxa CWE-200
5.0
2016-05-31 CVE-2016-2286 Improper Authentication vulnerability in Moxa products
Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 have a blank default password, which allows remote attackers to obtain access via unspecified vectors.
network
low complexity
moxa CWE-287
5.0
2016-05-31 CVE-2016-2285 Cross-Site Request Forgery (CSRF) vulnerability in Moxa products
Cross-site request forgery (CSRF) vulnerability on Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 allows remote attackers to hijack the authentication of arbitrary users.
network
moxa CWE-352
6.8