Vulnerabilities > Moxa

DATE CVE VULNERABILITY TITLE RISK
2020-05-01 CVE-2020-12117 Missing Authentication for Critical Function vulnerability in Moxa Nport 5100A Firmware 1.5
Moxa Service in Moxa NPort 5150A firmware version 1.5 and earlier allows attackers to obtain sensitive configuration values via a crafted packet to UDP port 4800.
network
low complexity
moxa CWE-306
5.3
2020-03-26 CVE-2020-6999 Classic Buffer Overflow vulnerability in Moxa Mds-G516E Firmware 5.2
In Moxa EDS-G516E Series firmware, Version 5.2 or lower, some of the parameters in the setting pages do not ensure text is the correct size for its buffer.
network
low complexity
moxa CWE-120
6.5
2020-03-24 CVE-2020-7007 Out-of-bounds Write vulnerability in Moxa Eds-510E Firmware and Eds-G516E Firmware
In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the attacker may execute arbitrary codes or target the device, causing it to go out of service.
network
low complexity
moxa CWE-787
critical
9.8
2020-03-24 CVE-2020-7001 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Moxa Eds-510E Firmware and Eds-G516E Firmware
In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential information to be disclosed.
network
low complexity
moxa CWE-327
7.5
2020-03-24 CVE-2020-6997 Cleartext Transmission of Sensitive Information vulnerability in Moxa Eds-510E Firmware and Eds-G516E Firmware
In Moxa EDS-G516E Series firmware, Version 5.2 or lower, sensitive information is transmitted over some web applications in cleartext.
network
low complexity
moxa CWE-319
7.5
2020-03-24 CVE-2020-6991 Weak Password Requirements vulnerability in Moxa Eds-510E Firmware and Eds-G516E Firmware
In Moxa EDS-G516E Series firmware, Version 5.2 or lower, weak password requirements may allow an attacker to gain access using brute force.
network
low complexity
moxa CWE-521
critical
9.8
2020-03-24 CVE-2020-6981 Use of Hard-coded Credentials vulnerability in Moxa Eds-510E Firmware and Eds-G516E Firmware
In Moxa EDS-G516E Series firmware, Version 5.2 or lower, an attacker may gain access to the system without proper authentication.
network
low complexity
moxa CWE-798
critical
9.8
2020-03-24 CVE-2020-6979 Use of Hard-coded Credentials vulnerability in Moxa Eds-510E Firmware and Eds-G516E Firmware
In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the affected products use a hard-coded cryptographic key, increasing the possibility that confidential data can be recovered.
network
low complexity
moxa CWE-798
7.5
2020-03-24 CVE-2020-6995 Weak Password Requirements vulnerability in Moxa products
In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the application utilizes weak password requirements, which may allow an attacker to gain unauthorized access.
network
low complexity
moxa CWE-521
critical
9.8
2020-03-24 CVE-2020-6993 Information Exposure vulnerability in Moxa products
In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, an attacker can gain access to sensitive information from the web service without authorization.
network
low complexity
moxa CWE-200
7.5