Vulnerabilities > Moxa > Nport Iaw5000A I O Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2023-10-03 CVE-2023-4929 Improper Validation of Integrity Check Value vulnerability in Moxa products
All firmware versions of the NPort 5000 Series are affected by an improper validation of integrity check vulnerability.
network
low complexity
moxa CWE-354
8.8
8.8
2020-12-23 CVE-2020-25198 Session Fixation vulnerability in Moxa Nport Iaw5000A-I/O Firmware
The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower has incorrectly implemented protections from session fixation, which may allow an attacker to gain access to a session and hijack it by stealing the user’s cookies.
network
low complexity
moxa CWE-384
8.8
8.8
2020-12-23 CVE-2020-25194 Improper Privilege Management vulnerability in Moxa Nport Iaw5000A-I/O Firmware
The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower has improper privilege management, which may allow an attacker with user privileges to perform requests with administrative privileges.
network
low complexity
moxa CWE-269
8.8
8.8
2020-12-23 CVE-2020-25153 Weak Password Requirements vulnerability in Moxa Nport Iaw5000A-I/O Firmware
The built-in web service for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower does not require users to have strong passwords.
network
low complexity
moxa CWE-521
7.5
7.5