Vulnerabilities > Moxa > Nport Iaw5250A 12I O Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-04-01 CVE-2021-32968 Classic Buffer Overflow vulnerability in Moxa products
Two buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O Series firmware version 2.2 or earlier may allow a remote attacker to cause a denial-of-service condition.
network
low complexity
moxa CWE-120
7.5
2022-04-01 CVE-2021-32970 Improper Input Validation vulnerability in Moxa products
Data can be copied without validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier, which may allow a remote attacker to cause denial-of-service conditions.
network
low complexity
moxa CWE-20
7.5
2022-04-01 CVE-2021-32974 OS Command Injection vulnerability in Moxa products
Improper input validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to execute commands.
network
low complexity
moxa CWE-78
critical
9.8
2022-04-01 CVE-2021-32976 Out-of-bounds Write vulnerability in Moxa products
Five buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to initiate a denial-of-service attack and execute arbitrary code.
network
low complexity
moxa CWE-787
critical
9.8