Vulnerabilities > Moxa > Nport Iaw5000A I O Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-08-16 CVE-2023-4204 Use of Hard-coded Credentials vulnerability in Moxa Nport Iaw5000A-I/O Firmware 2.2
NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential vulnerabilitywhich poses a potential risk to the security and integrity of the affected device.
network
low complexity
moxa CWE-798
critical
9.8
2020-12-23 CVE-2020-25190 Cleartext Transmission of Sensitive Information vulnerability in Moxa Nport Iaw5000A-I/O Firmware
The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower stores and transmits the credentials of third-party services in cleartext.
network
low complexity
moxa CWE-319
critical
9.8
2020-12-23 CVE-2020-25196 Improper Restriction of Excessive Authentication Attempts vulnerability in Moxa Nport Iaw5000A-I/O Firmware
The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower allows SSH/Telnet sessions, which may be vulnerable to brute force attacks to bypass authentication.
network
low complexity
moxa CWE-307
critical
9.8