Vulnerabilities > Moxa > Oncell Central Manager > High

DATE CVE VULNERABILITY TITLE RISK
2015-12-21 CVE-2015-6481 Unspecified vulnerability in Moxa Oncell Central Manager 2.0
The login function in the RequestController class in Moxa OnCell Central Manager before 2.2 has a hardcoded root password, which allows remote attackers to obtain administrative access via a login session.
network
low complexity
moxa
8.3
2015-12-21 CVE-2015-6480 Improper Authentication vulnerability in Moxa Oncell Central Manager 2.0
The MessageBrokerServlet servlet in Moxa OnCell Central Manager before 2.2 does not require authentication, which allows remote attackers to obtain administrative access via a command, as demonstrated by the addUserAndGroup action.
network
low complexity
moxa CWE-287
8.3