Vulnerabilities > Moxa
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-11 | CVE-2019-9101 | Cleartext Transmission of Sensitive Information vulnerability in Moxa products An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. | 7.5 |
| 2020-03-11 | CVE-2019-9099 | Classic Buffer Overflow vulnerability in Moxa products An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. | 9.8 |
| 2020-03-11 | CVE-2019-9098 | Integer Overflow or Wraparound vulnerability in Moxa products An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. | 7.5 |
| 2020-03-11 | CVE-2019-9097 | Unspecified vulnerability in Moxa products An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. | 5.3 |
| 2020-03-11 | CVE-2019-9096 | Weak Password Requirements vulnerability in Moxa products An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. | 9.8 |
| 2020-03-11 | CVE-2019-9095 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Moxa products An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. | 9.8 |
| 2020-02-26 | CVE-2019-18238 | Cleartext Storage of Sensitive Information vulnerability in Moxa products In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is stored in configuration files without encryption, which may allow an attacker to access an administrative account. | 7.5 |
| 2020-02-25 | CVE-2019-5165 | Improper Authentication vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable authentication bypass vulnerability exists in the hostname processing of the Moxa AWK-3131A firmware version 1.13. | 7.2 |
| 2020-02-25 | CVE-2019-5162 | Unspecified vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable improper access control vulnerability exists in the iw_webs account settings functionality of the Moxa AWK-3131A firmware version 1.13. | 8.8 |
| 2020-02-25 | CVE-2019-5153 | Out-of-bounds Write vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable remote code execution vulnerability exists in the iw_webs configuration parsing functionality of the Moxa AWK-3131A firmware version 1.13. | 8.8 |